Automated Malware Analysis Management Report for Tribeca Investment Partners - Funds.pdf

Overview

General Information

Sample Name:	Tribeca Investment Partners - Funds.pdf
Analysis ID:	433116
MD5:	1f514a862d7eb6e2c4952b67a97a4e56
SHA1:	4a4d5f759793397ebdc72679895ef62f6a74fed3
SHA256:	6c796e1a57333bc61e0a45a6398da2393ce0529304b57abc8d22125862a02211
Infos:
Most interesting Screenshot:

Detection

HTMLPhisher

Score:	64
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

Antivirus detection for URL or domain

Found potential malicious PDF (bad image similarity)

Yara detected HtmlPhish29

Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)

HTML title does not match URL

IP address seen in connection with other malware

JA3 SSL client fingerprint seen in connection with other malware

Classification

Signatures

AV Detection:

Antivirus detection for URL or domain

Source: https://spark.adobe.com/page/GG8mUEsjQvSUh/?page-mode=static	SlashNext: Label: Fake Login Page type: Phishing & Social Engineering
Source: https://xinviaoafinabatizx.us-south.cf.appdomain.cloud/?bbre=zoxsazx	SlashNext: Label: Fake Login Page type: Phishing & Social Engineering
Source: https://spark.adobe.com/page/GG8mUEsjQvSUh/	SlashNext: Label: Fake Login Page type: Phishing & Social Engineering

Phishing:

Yara detected HtmlPhish29

Source: Yara match	File source: 642294.0.links.csv, type: HTML
Source: Yara match	File source: 642294.2.links.csv, type: HTML
Source: Yara match	File source: 642294.pages.csv, type: HTML
Source: Yara match	File source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\GG8mUEsjQvSUh[1].htm, type: DROPPED
Source: Yara match	File source: C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\GG8mUEsjQvSUh[1].htm, type: DROPPED

HTML title does not match URL

Source: https://spark.adobe.com/page/GG8mUEsjQvSUh/	HTTP Parser: Title: Auric Partners does not match URL
Source: https://spark.adobe.com/page/GG8mUEsjQvSUh/	HTTP Parser: Title: Auric Partners does not match URL
Source: https://spark.adobe.com/page/GG8mUEsjQvSUh/	HTTP Parser: Title: Auric Partners does not match URL
Source: https://spark.adobe.com/page/GG8mUEsjQvSUh/	HTTP Parser: Title: Auric Partners does not match URL

Source: https://spark.adobe.com/page/GG8mUEsjQvSUh/	HTTP Parser: No <meta name="author".. found
Source: https://spark.adobe.com/page/GG8mUEsjQvSUh/	HTTP Parser: No <meta name="author".. found
Source: https://spark.adobe.com/page/GG8mUEsjQvSUh/	HTTP Parser: No <meta name="author".. found
Source: https://spark.adobe.com/page/GG8mUEsjQvSUh/	HTTP Parser: No <meta name="author".. found

Source: https://spark.adobe.com/page/GG8mUEsjQvSUh/	HTTP Parser: No <meta name="copyright".. found
Source: https://spark.adobe.com/page/GG8mUEsjQvSUh/	HTTP Parser: No <meta name="copyright".. found
Source: https://spark.adobe.com/page/GG8mUEsjQvSUh/	HTTP Parser: No <meta name="copyright".. found
Source: https://spark.adobe.com/page/GG8mUEsjQvSUh/	HTTP Parser: No <meta name="copyright".. found

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Jump to behavior

Source: unknown	HTTPS traffic detected: 13.225.74.123:443 -> 192.168.2.3:49736 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.225.74.123:443 -> 192.168.2.3:49735 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.195.109:443 -> 192.168.2.3:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.195.109:443 -> 192.168.2.3:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.195.109:443 -> 192.168.2.3:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.195.109:443 -> 192.168.2.3:49738 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.195.109:443 -> 192.168.2.3:49737 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.216.105.77:443 -> 192.168.2.3:49744 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.216.105.77:443 -> 192.168.2.3:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 169.47.124.25:443 -> 192.168.2.3:49758 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 169.47.124.25:443 -> 192.168.2.3:49759 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.145.59:443 -> 192.168.2.3:49761 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.145.59:443 -> 192.168.2.3:49762 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.1.195:443 -> 192.168.2.3:49764 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.1.195:443 -> 192.168.2.3:49763 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.123.175:443 -> 192.168.2.3:49766 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.123.175:443 -> 192.168.2.3:49765 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.187.69:443 -> 192.168.2.3:49770 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.187.69:443 -> 192.168.2.3:49771 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.148.64:443 -> 192.168.2.3:49774 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.148.64:443 -> 192.168.2.3:49775 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.20.184.68:443 -> 192.168.2.3:49776 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.20.184.68:443 -> 192.168.2.3:49777 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 63.33.31.50:443 -> 192.168.2.3:49778 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 63.33.31.50:443 -> 192.168.2.3:49779 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.236.176.210:443 -> 192.168.2.3:49780 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.236.176.210:443 -> 192.168.2.3:49781 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.225.74.37:443 -> 192.168.2.3:49782 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.225.74.37:443 -> 192.168.2.3:49783 version: TLS 1.2

Networking:

IP address seen in connection with other malware

Source: Joe Sandbox View	IP Address: 169.47.124.25 169.47.124.25
Source: Joe Sandbox View	IP Address: 151.101.1.195 151.101.1.195
Source: Joe Sandbox View	IP Address: 151.101.1.195 151.101.1.195

JA3 SSL client fingerprint seen in connection with other malware

Source: Joe Sandbox View	JA3 fingerprint: 9e10692f1b7f78228b2d4e424db3a98c
Source: Joe Sandbox View	JA3 fingerprint: 3faf2df7ab96c36419c31725cb1fa7d6

Source: unsupported[1].htm.24.dr	String found in binary or memory: <a href="https://www.facebook.com/AdobeSpark" target="_blank" data-analytics-context="footer" data-type="facebook" equals www.facebook.com (Facebook)
Source: scripts[1].js0.24.dr	String found in binary or memory: if ($a.href.startsWith('https://www.facebook.')) { equals www.facebook.com (Facebook)
Source: scripts[1].js0.24.dr	String found in binary or memory: if ($a.href.startsWith('https://www.linkedin.com')) { equals www.linkedin.com (Linkedin)
Source: scripts[1].js0.24.dr	String found in binary or memory: if ($a.href.startsWith('https://www.youtube.com')) { equals www.youtube.com (Youtube)

Source: unknown

DNS traffic detected: queries for: page.adobespark-assets.com

Source: AcroRd32.exe, 00000002.00000002.373401937.0000000008A2D000.00000002.00000001.sdmp	String found in binary or memory: http://cacerts.digicert.com/DigiCertAssuredIDRootCA.crt0
Source: AcroRd32.exe, 00000002.00000002.373401937.0000000008A2D000.00000002.00000001.sdmp	String found in binary or memory: http://cacerts.digicert.com/DigiCertEVCodeSigningCA-SHA2.crt0
Source: AcroRd32.exe, 00000002.00000002.373401937.0000000008A2D000.00000002.00000001.sdmp	String found in binary or memory: http://cacerts.digicert.com/DigiCertHighAssuranceEVRootCA.crt0
Source: AcroRd32.exe, 00000002.00000002.373401937.0000000008A2D000.00000002.00000001.sdmp	String found in binary or memory: http://cacerts.digicert.com/DigiCertSHA2AssuredIDTimestampingCA.crt0
Source: AcroRd32.exe, 00000002.00000002.373908461.0000000009350000.00000004.00000001.sdmp	String found in binary or memory: http://cipa.jp/exif/1.0/
Source: AcroRd32.exe, 00000002.00000002.373908461.0000000009350000.00000004.00000001.sdmp	String found in binary or memory: http://cipa.jp/exif/1.0/%
Source: AcroRd32.exe, 00000002.00000002.373908461.0000000009350000.00000004.00000001.sdmp	String found in binary or memory: http://cipa.jp/exif/1.0/(15)
Source: AcroRd32.exe, 00000002.00000002.373401937.0000000008A2D000.00000002.00000001.sdmp	String found in binary or memory: http://crl3.digicert.com/DigiCertAssuredIDRootCA.crl0P
Source: AcroRd32.exe, 00000002.00000002.373401937.0000000008A2D000.00000002.00000001.sdmp	String found in binary or memory: http://crl3.digicert.com/DigiCertHighAssuranceEVRootCA.crl0
Source: AcroRd32.exe, 00000002.00000002.373401937.0000000008A2D000.00000002.00000001.sdmp	String found in binary or memory: http://crl3.digicert.com/EVCodeSigningSHA2-g1.crl07
Source: AcroRd32.exe, 00000002.00000002.373401937.0000000008A2D000.00000002.00000001.sdmp	String found in binary or memory: http://crl3.digicert.com/sha2-assured-ts.crl02
Source: AcroRd32.exe, 00000002.00000002.373401937.0000000008A2D000.00000002.00000001.sdmp	String found in binary or memory: http://crl4.digicert.com/DigiCertAssuredIDRootCA.crl0:
Source: AcroRd32.exe, 00000002.00000002.373401937.0000000008A2D000.00000002.00000001.sdmp	String found in binary or memory: http://crl4.digicert.com/DigiCertHighAssuranceEVRootCA.crl0
Source: AcroRd32.exe, 00000002.00000002.373401937.0000000008A2D000.00000002.00000001.sdmp	String found in binary or memory: http://crl4.digicert.com/EVCodeSigningSHA2-g1.crl0K
Source: AcroRd32.exe, 00000002.00000002.373401937.0000000008A2D000.00000002.00000001.sdmp	String found in binary or memory: http://crl4.digicert.com/sha2-assured-ts.crl0
Source: m-web-77674361[1].js.24.dr	String found in binary or memory: http://feross.org
Source: chrome[1].js.24.dr	String found in binary or memory: http://github.com/janl/mustache.js
Source: AcroRd32.exe, 00000002.00000002.384245575.000000000B4DA000.00000004.00000001.sdmp	String found in binary or memory: http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/
Source: AcroRd32.exe, 00000002.00000002.384245575.000000000B4DA000.00000004.00000001.sdmp	String found in binary or memory: http://iptc.org/std/Iptc4xmpCore/1.0/xmlns/v
Source: AcroRd32.exe, 00000002.00000002.384245575.000000000B4DA000.00000004.00000001.sdmp	String found in binary or memory: http://iptc.org/std/Iptc4xmpExt/2008-02-29/
Source: AcroRd32.exe, 00000002.00000002.384245575.000000000B4DA000.00000004.00000001.sdmp	String found in binary or memory: http://iptc.org/std/Iptc4xmpExt/2008-02-29/d
Source: publish.combined.fp-67aad4c89568b23c662905b8b4fd16bd[1].js.24.dr	String found in binary or memory: http://jedwatson.github.io/classnames
Source: chrome[1].js.24.dr	String found in binary or memory: http://mathiasbynens.be/demo/url-regex
Source: m-unsupported-88cd3215[1].js.24.dr	String found in binary or memory: http://medialize.github.io/URI.js/
Source: AcroRd32.exe, 00000002.00000002.387053876.000000000D211000.00000004.00000001.sdmp	String found in binary or memory: http://ns.a
Source: AcroRd32.exe, 00000002.00000002.384245575.000000000B4DA000.00000004.00000001.sdmp	String found in binary or memory: http://ns.useplus.org/ldf/xmp/1.0/
Source: AcroRd32.exe, 00000002.00000002.384245575.000000000B4DA000.00000004.00000001.sdmp	String found in binary or memory: http://ns.useplus.org/ldf/xmp/1.0/K$F
Source: AcroRd32.exe, 00000002.00000002.373401937.0000000008A2D000.00000002.00000001.sdmp	String found in binary or memory: http://ocsp.digicert.com0C
Source: AcroRd32.exe, 00000002.00000002.373401937.0000000008A2D000.00000002.00000001.sdmp	String found in binary or memory: http://ocsp.digicert.com0H
Source: AcroRd32.exe, 00000002.00000002.373401937.0000000008A2D000.00000002.00000001.sdmp	String found in binary or memory: http://ocsp.digicert.com0I
Source: AcroRd32.exe, 00000002.00000002.373401937.0000000008A2D000.00000002.00000001.sdmp	String found in binary or memory: http://ocsp.digicert.com0O
Source: rbi5aua[1].js1.24.dr	String found in binary or memory: http://typekit.com/eulas/00000000000000000000ffd9
Source: vtg4qoo[1].js0.24.dr	String found in binary or memory: http://typekit.com/eulas/0000000000000000000132df
Source: vtg4qoo[1].js0.24.dr	String found in binary or memory: http://typekit.com/eulas/0000000000000000000132e1
Source: vtg4qoo[1].js0.24.dr	String found in binary or memory: http://typekit.com/eulas/0000000000000000000132e3
Source: rbi5aua[1].js1.24.dr	String found in binary or memory: http://typekit.com/eulas/0000000000000000000158d3
Source: rbi5aua[1].js1.24.dr	String found in binary or memory: http://typekit.com/eulas/0000000000000000000158d4
Source: rbi5aua[1].js1.24.dr	String found in binary or memory: http://typekit.com/eulas/0000000000000000000158d6
Source: rbi5aua[1].js1.24.dr	String found in binary or memory: http://typekit.com/eulas/0000000000000000000158d7
Source: rbi5aua[1].js1.24.dr	String found in binary or memory: http://typekit.com/eulas/0000000000000000000158d8
Source: rbi5aua[1].js1.24.dr	String found in binary or memory: http://typekit.com/eulas/0000000000000000000158d9
Source: rbi5aua[1].js1.24.dr	String found in binary or memory: http://typekit.com/eulas/00000000000000000001705b
Source: vtg4qoo[1].js0.24.dr	String found in binary or memory: http://typekit.com/eulas/0000000000000000000176ff
Source: vtg4qoo[1].js0.24.dr	String found in binary or memory: http://typekit.com/eulas/000000000000000000017701
Source: vtg4qoo[1].js0.24.dr	String found in binary or memory: http://typekit.com/eulas/000000000000000000017703
Source: vtg4qoo[1].js0.24.dr	String found in binary or memory: http://typekit.com/eulas/000000000000000000017706
Source: rbi5aua[1].js1.24.dr	String found in binary or memory: http://typekit.com/eulas/000000000000000000017709
Source: pps7abe[1].css.24.dr	String found in binary or memory: http://typekit.com/eulas/00000000000000003b9aee45
Source: pps7abe[1].css.24.dr	String found in binary or memory: http://typekit.com/eulas/00000000000000003b9aee47
Source: onz5gap[1].js0.24.dr	String found in binary or memory: http://typekit.com/eulas/00000000000000003b9b3068
Source: onz5gap[1].js0.24.dr	String found in binary or memory: http://typekit.com/eulas/00000000000000003b9b3f83
Source: pps7abe[1].css.24.dr	String found in binary or memory: http://typekit.com/eulas/00000000000000003b9b3f84
Source: onz5gap[1].js0.24.dr	String found in binary or memory: http://typekit.com/eulas/00000000000000003b9b3f85
Source: pps7abe[1].css.24.dr	String found in binary or memory: http://typekit.com/eulas/00000000000000003b9b3f86
Source: onz5gap[1].js0.24.dr	String found in binary or memory: http://typekit.com/eulas/00000000000000003b9b3f88
Source: onz5gap[1].js0.24.dr	String found in binary or memory: http://typekit.com/eulas/00000000000000003b9b3f8a
Source: pps7abe[1].css.24.dr	String found in binary or memory: http://typekit.com/eulas/00000000000000003b9b3f8c
Source: marvelcommon-51100480[1].js.24.dr	String found in binary or memory: http://underscorejs.org/LICENSE
Source: AcroRd32.exe, 00000002.00000002.384245575.000000000B4DA000.00000004.00000001.sdmp	String found in binary or memory: http://www.aiim.org/pdfa/ns/extension/
Source: AcroRd32.exe, 00000002.00000002.384245575.000000000B4DA000.00000004.00000001.sdmp	String found in binary or memory: http://www.aiim.org/pdfa/ns/field#
Source: AcroRd32.exe, 00000002.00000002.384083181.000000000B423000.00000004.00000001.sdmp	String found in binary or memory: http://www.aiim.org/pdfa/ns/id/
Source: AcroRd32.exe, 00000002.00000002.384245575.000000000B4DA000.00000004.00000001.sdmp	String found in binary or memory: http://www.aiim.org/pdfa/ns/property#
Source: AcroRd32.exe, 00000002.00000002.384245575.000000000B4DA000.00000004.00000001.sdmp	String found in binary or memory: http://www.aiim.org/pdfa/ns/schema#
Source: AcroRd32.exe, 00000002.00000002.384245575.000000000B4DA000.00000004.00000001.sdmp	String found in binary or memory: http://www.aiim.org/pdfa/ns/type#
Source: AcroRd32.exe, 00000002.00000002.387053876.000000000D211000.00000004.00000001.sdmp	String found in binary or memory: http://www.aiim.org/pdfe/ns/id/
Source: AcroRd32.exe, 00000002.00000002.387053876.000000000D211000.00000004.00000001.sdmp	String found in binary or memory: http://www.aiim.org/pdfe/ns/id/F
Source: AcroRd32.exe, 00000002.00000002.387053876.000000000D211000.00000004.00000001.sdmp	String found in binary or memory: http://www.aiim.org/pdfe/ns/id/y
Source: scripts[1].js0.24.dr, marvelcommon-51100480[1].js.24.dr	String found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0
Source: AcroRd32.exe, 00000002.00000002.373401937.0000000008A2D000.00000002.00000001.sdmp	String found in binary or memory: http://www.digicert.com/ssl-cps-repository.htm0
Source: chrome[1].js.24.dr	String found in binary or memory: http://www.iport.it)
Source: AcroRd32.exe, 00000002.00000002.384083181.000000000B423000.00000004.00000001.sdmp	String found in binary or memory: http://www.npes.org/pdfx/ns/id/
Source: AcroRd32.exe, 00000002.00000002.384083181.000000000B423000.00000004.00000001.sdmp	String found in binary or memory: http://www.npes.org/pdfx/ns/id/D
Source: AcroRd32.exe, 00000002.00000002.384083181.000000000B423000.00000004.00000001.sdmp	String found in binary or memory: http://www.npes.org/pdfx/ns/id/_
Source: m-unsupported-88cd3215[1].js.24.dr	String found in binary or memory: http://www.opensource.org/licenses/mit-license
Source: marvelcommon-51100480[1].js.24.dr	String found in binary or memory: http://www.opensource.org/licenses/mit-license.html
Source: AcroRd32.exe, 00000002.00000002.366941342.0000000007B70000.00000002.00000001.sdmp	String found in binary or memory: http://www.osmf.org/default/1.0%http://www.osmf.org/mediatype/default
Source: AcroRd32.exe, 00000002.00000002.366941342.0000000007B70000.00000002.00000001.sdmp	String found in binary or memory: http://www.osmf.org/drm/default
Source: AcroRd32.exe, 00000002.00000002.366941342.0000000007B70000.00000002.00000001.sdmp	String found in binary or memory: http://www.osmf.org/elementId%http://www.osmf.org/temporal/embedded$http://www.osmf.org/temporal/dyn
Source: AcroRd32.exe, 00000002.00000002.366941342.0000000007B70000.00000002.00000001.sdmp	String found in binary or memory: http://www.osmf.org/layout/anchor
Source: AcroRd32.exe, 00000002.00000002.366941342.0000000007B70000.00000002.00000001.sdmp	String found in binary or memory: http://www.osmf.org/layout/padding%http://www.osmf.org/layout/attributes
Source: AcroRd32.exe, 00000002.00000002.366941342.0000000007B70000.00000002.00000001.sdmp	String found in binary or memory: http://www.osmf.org/region/target#http://www.osmf.org/layout/renderer#http://www.osmf.org/layout/abs
Source: AcroRd32.exe, 00000002.00000002.366941342.0000000007B70000.00000002.00000001.sdmp	String found in binary or memory: http://www.osmf.org/subclip/1.0
Source: AcroRd32.exe, 00000002.00000002.366941342.0000000007B70000.00000002.00000001.sdmp	String found in binary or memory: http://www.quicktime.com.Acrobat
Source: AcroRd32.exe, 00000002.00000002.387053876.000000000D211000.00000004.00000001.sdmp	String found in binary or memory: https://.OKCancelEdit
Source: AcroRd32.exe, 00000002.00000002.387053876.000000000D211000.00000004.00000001.sdmp	String found in binary or memory: https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/
Source: AcroRd32.exe, 00000002.00000002.387053876.000000000D211000.00000004.00000001.sdmp	String found in binary or memory: https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/TY
Source: AcroRd32.exe, 00000002.00000002.384922126.000000000B633000.00000004.00000001.sdmp	String found in binary or memory: https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/Upload/
Source: AcroRd32.exe, 00000002.00000002.384922126.000000000B633000.00000004.00000001.sdmp	String found in binary or memory: https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/Upload/4
Source: AcroRd32.exe, 00000002.00000002.387053876.000000000D211000.00000004.00000001.sdmp	String found in binary or memory: https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/pY
Source: AcroRd32.exe, 00000002.00000002.387053876.000000000D211000.00000004.00000001.sdmp	String found in binary or memory: https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/y
Source: AcroRd32.exe, 00000002.00000002.387053876.000000000D211000.00000004.00000001.sdmp	String found in binary or memory: https://PrefSyncJob/com.adobe.acrobat.ADotCom/Resource/Sync/yY
Source: RC881683c91a4d4caaa3e05264c5d96242-file.min[1].js.24.dr	String found in binary or memory: https://ade0164.d41.co/sync/
Source: {135EBDC5-CADC-11EB-90E4-ECF4BB862DED}.dat.23.dr	String found in binary or memory: https://adobe.demdex.net/dest5.html?d_nsid=0
Source: unsupported[1].htm.24.dr	String found in binary or memory: https://adobespark.uservoice.com
Source: en-US_bundle-6a358124[1].js.24.dr	String found in binary or memory: https://adobespark.zendesk.com/hc/en-us/articles/218956027
Source: en-US_bundle-6a358124[1].js.24.dr	String found in binary or memory: https://adobespark.zendesk.com/hc/en-us/articles/219243657
Source: en-US_bundle-6a358124[1].js.24.dr	String found in binary or memory: https://adobespark.zendesk.com/hc/en-us/articles/219243657-Can-students-use-Adobe-Spark-
Source: login[2].htm.24.dr, unsupported[1].htm.24.dr	String found in binary or memory: https://adobespark.zendesk.com/hc/en-us/categories/202688167-Adobe-Spark
Source: unsupported[1].htm.24.dr	String found in binary or memory: https://adobespark.zendesk.com/hc/en-us/requests/new
Source: resume[1].htm.24.dr	String found in binary or memory: https://adobesparkpost.app.link/8n80l2HauZ
Source: invoice[1].htm.24.dr	String found in binary or memory: https://adobesparkpost.app.link/Wm9lz3B4tZ
Source: logo[1].htm.24.dr	String found in binary or memory: https://adobesparkpost.app.link/g8sk4xb8AV
Source: express[1].htm.24.dr	String found in binary or memory: https://adobesparkpost.app.link/jsoIbkwCVeb
Source: express[1].htm.24.dr	String found in binary or memory: https://adobesparkpost.app.link/nfQW2NoCVeb
Source: AcroRd32.exe, 00000002.00000002.387234083.000000000D30C000.00000004.00000001.sdmp	String found in binary or memory: https://api.echosign.com
Source: AcroRd32.exe, 00000002.00000002.387234083.000000000D30C000.00000004.00000001.sdmp	String found in binary or memory: https://api.echosign.com3252:1m
Source: AcroRd32.exe, 00000002.00000002.387053876.000000000D211000.00000004.00000001.sdmp	String found in binary or memory: https://api.echosign.comRL
Source: express[1].htm.24.dr	String found in binary or memory: https://apps.apple.com/us/app/adobe-spark-post-create-stunning/id1051937863
Source: login[2].htm.24.dr	String found in binary or memory: https://assets.adobedtm.com
Source: RC036830be72f242959c7b9ca66cef0c85-file.min[1].js.24.dr	String found in binary or memory: https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f496fb7b47d7/RC036830be72f242959c7b9ca66cef0c8
Source: RC5e5d1b9fe0a942c38190dc2199529941-file.min[1].js.24.dr	String found in binary or memory: https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f496fb7b47d7/RC5e5d1b9fe0a942c38190dc219952994
Source: RC6f46e43fa6d44dbeb45cc5801ffded0e-file.min[1].js.24.dr	String found in binary or memory: https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f496fb7b47d7/RC6f46e43fa6d44dbeb45cc5801ffded0
Source: RC881683c91a4d4caaa3e05264c5d96242-file.min[1].js.24.dr	String found in binary or memory: https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f496fb7b47d7/RC881683c91a4d4caaa3e05264c5d9624
Source: RC89c6d3bd15f043db95a5a0a4b5cc9da0-file.min[1].js.24.dr	String found in binary or memory: https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f496fb7b47d7/RC89c6d3bd15f043db95a5a0a4b5cc9da
Source: RCa8534599c5d1425b9b1fceaf046699bf-source.min[1].js.24.dr	String found in binary or memory: https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f496fb7b47d7/RCa8534599c5d1425b9b1fceaf046699b
Source: RCbb47518ad08d43699044c6ef46f39ebb-file.min[1].js.24.dr	String found in binary or memory: https://assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/f496fb7b47d7/RCbb47518ad08d43699044c6ef46f39eb
Source: launch-EN919758db9a654a17bac7d184b99c4820.min[1].js.24.dr	String found in binary or memory: https://assets.adobedtm.com/launch-EN919758db9a654a17bac7d184b99c4820.js
Source: scripts[1].js0.24.dr	String found in binary or memory: https://blog.adobespark.com/
Source: login[2].htm.24.dr	String found in binary or memory: https://cdn.cookielaw.org
Source: 7a5eb705-95ed-4cc4-a11d-0cc5760e93db[1].js.24.dr	String found in binary or memory: https://cdn.cookielaw.org/vendorlist/googleData.json
Source: 7a5eb705-95ed-4cc4-a11d-0cc5760e93db[1].js.24.dr	String found in binary or memory: https://cdn.cookielaw.org/vendorlist/iab2Data.json
Source: 7a5eb705-95ed-4cc4-a11d-0cc5760e93db[1].js.24.dr	String found in binary or memory: https://cdn.cookielaw.org/vendorlist/iabData.json
Source: en[1].js.24.dr	String found in binary or memory: https://developer.akamai.com/tools/boomerang#mpulse-session-information
Source: headIE.fp-f9e44dbeef5252f4d02c4ed9c4b6a618[1].js.24.dr	String found in binary or memory: https://developer.mozilla.org/en-US/docs/Web/API/NodeList/forEach
Source: publish.combined.fp-67aad4c89568b23c662905b8b4fd16bd[1].js.24.dr	String found in binary or memory: https://fb.me/react-polyfills
Source: m-unsupported-88cd3215[1].js.24.dr	String found in binary or memory: https://feross.org
Source: m-unsupported-88cd3215[1].js.24.dr	String found in binary or memory: https://feross.org/opensource
Source: 7a5eb705-95ed-4cc4-a11d-0cc5760e93db[1].js.24.dr	String found in binary or memory: https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
Source: head.fp-00a38324dab316803fdc74cba4ad7ab9[1].js.24.dr	String found in binary or memory: https://github.com/focus-trap/focus-trap/blob/master/LICENSE
Source: head.fp-00a38324dab316803fdc74cba4ad7ab9[1].js.24.dr	String found in binary or memory: https://github.com/focus-trap/tabbable/blob/master/LICENSE
Source: chrome[1].js.24.dr	String found in binary or memory: https://github.com/janl/mustache.js/issues/186
Source: chrome[1].js.24.dr	String found in binary or memory: https://github.com/janl/mustache.js/issues/189
Source: chrome[1].js.24.dr	String found in binary or memory: https://github.com/janl/mustache.js/issues/244
Source: marvelcommon-51100480[1].js.24.dr	String found in binary or memory: https://github.com/kriskowal/q/blob/v1/LICENSE
Source: AcroRd32.exe, 00000002.00000002.373908461.0000000009350000.00000004.00000001.sdmp	String found in binary or memory: https://ims-na1.adobelogin.com
Source: chrome[1].js.24.dr	String found in binary or memory: https://issues.apache.org/jira/browse/COUCHDB-577
Source: marvelcommon-51100480[1].js.24.dr	String found in binary or memory: https://lodash.com/
Source: marvelcommon-51100480[1].js.24.dr	String found in binary or memory: https://lodash.com/license
Source: marvelcommon-51100480[1].js.24.dr	String found in binary or memory: https://npms.io/search?q=ponyfill.
Source: marvelcommon-51100480[1].js.24.dr	String found in binary or memory: https://openjsf.org/
Source: en-US_bundle-6a358124[1].js.24.dr	String found in binary or memory: https://opsparc.gsfc.nasa.gov/?sdid=MC95SNMJ&mv=social
Source: rbi5aua[1].js1.24.dr, vtg4qoo[1].js0.24.dr, onz5gap[1].js0.24.dr	String found in binary or memory: https://p.typekit.net/p.gif
Source: RCbb47518ad08d43699044c6ef46f39ebb-file.min[1].js.24.dr	String found in binary or memory: https://p13n-stage.adobe.io/psdk/v2/content
Source: RCbb47518ad08d43699044c6ef46f39ebb-file.min[1].js.24.dr	String found in binary or memory: https://p13n.adobe.io/psdk/v2/content
Source: GG8mUEsjQvSUh[1].htm0.24.dr	String found in binary or memory: https://page.adobespark-assets.com/runtime/1.22/base-fonts.gz.js
Source: GG8mUEsjQvSUh[1].htm0.24.dr, imagestore.dat.24.dr, ~DF8227BB7BB94304CB.TMP.23.dr	String found in binary or memory: https://page.adobespark-assets.com/runtime/1.22/images/favicon.ico
Source: GG8mUEsjQvSUh[1].htm0.24.dr	String found in binary or memory: https://page.adobespark-assets.com/runtime/1.22/noscript.gz.css
Source: GG8mUEsjQvSUh[1].htm0.24.dr	String found in binary or memory: https://page.adobespark-assets.com/runtime/1.22/runtime-prod.gz.js
Source: GG8mUEsjQvSUh[1].htm0.24.dr	String found in binary or memory: https://page.adobespark-assets.com/runtime/1.22/runtime.gz.css
Source: GG8mUEsjQvSUh[1].htm0.24.dr	String found in binary or memory: https://page.adobespark-assets.com/runtime/1.22/themes/crisp-fonts.gz.js
Source: GG8mUEsjQvSUh[1].htm0.24.dr	String found in binary or memory: https://page.adobespark-assets.com/runtime/1.22/typekit-load.gz.js
Source: publish.combined.fp-67aad4c89568b23c662905b8b4fd16bd[1].js.24.dr	String found in binary or memory: https://reactjs.org/docs/error-decoder.html?invariant=
Source: login[2].htm.24.dr	String found in binary or memory: https://static.adobelogin.com/imslib/imslib.min.js
Source: privacy[1].htm0.24.dr	String found in binary or memory: https://static.adobelogin.com/imslib/imslib.min.js
Source: unsupported[1].htm.24.dr	String found in binary or memory: https://support.apple.com/downloads/safari
Source: scripts[1].js0.24.dr	String found in binary or memory: https://twitter.com
Source: unsupported[1].htm.24.dr	String found in binary or memory: https://twitter.com/AdobeSpark
Source: onz5gap[1].js0.24.dr	String found in binary or memory: https://use.typekit.net/af/180c9d/00000000000000003b9b3f8a/27/
Source: vtg4qoo[1].js0.24.dr	String found in binary or memory: https://use.typekit.net/af/1da05b/0000000000000000000132df/27/
Source: onz5gap[1].js0.24.dr	String found in binary or memory: https://use.typekit.net/af/37eaae/00000000000000003b9b3f83/27/
Source: pps7abe[1].css.24.dr	String found in binary or memory: https://use.typekit.net/af/37eaae/00000000000000003b9b3f83/27/a?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css.24.dr	String found in binary or memory: https://use.typekit.net/af/37eaae/00000000000000003b9b3f83/27/d?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css.24.dr	String found in binary or memory: https://use.typekit.net/af/37eaae/00000000000000003b9b3f83/27/l?primer=388f68b35a7cbf1ee3543172445c2
Source: rbi5aua[1].js1.24.dr	String found in binary or memory: https://use.typekit.net/af/3d913c/000000000000000000017709/26/
Source: vtg4qoo[1].js0.24.dr	String found in binary or memory: https://use.typekit.net/af/40207f/0000000000000000000176ff/27/
Source: vtg4qoo[1].js0.24.dr	String found in binary or memory: https://use.typekit.net/af/4b3e87/000000000000000000017706/27/
Source: rbi5aua[1].js1.24.dr	String found in binary or memory: https://use.typekit.net/af/6c57c4/0000000000000000000158d6/26/
Source: rbi5aua[1].js1.24.dr	String found in binary or memory: https://use.typekit.net/af/74fc30/0000000000000000000158d4/26/
Source: vtg4qoo[1].js0.24.dr	String found in binary or memory: https://use.typekit.net/af/8f4e31/0000000000000000000132e3/27/
Source: onz5gap[1].js0.24.dr	String found in binary or memory: https://use.typekit.net/af/949f99/00000000000000003b9b3068/27/
Source: onz5gap[1].js0.24.dr	String found in binary or memory: https://use.typekit.net/af/97fbd1/00000000000000003b9b3f88/27/
Source: pps7abe[1].css.24.dr	String found in binary or memory: https://use.typekit.net/af/97fbd1/00000000000000003b9b3f88/27/a?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css.24.dr	String found in binary or memory: https://use.typekit.net/af/97fbd1/00000000000000003b9b3f88/27/d?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css.24.dr	String found in binary or memory: https://use.typekit.net/af/97fbd1/00000000000000003b9b3f88/27/l?primer=388f68b35a7cbf1ee3543172445c2
Source: scripts[1].js0.24.dr	String found in binary or memory: https://use.typekit.net/af/97fbd1/00000000000000003b9b3f88/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8
Source: rbi5aua[1].js1.24.dr	String found in binary or memory: https://use.typekit.net/af/9951d2/0000000000000000000158d7/26/
Source: rbi5aua[1].js1.24.dr	String found in binary or memory: https://use.typekit.net/af/9d1933/00000000000000000001705b/26/
Source: pps7abe[1].css.24.dr	String found in binary or memory: https://use.typekit.net/af/a0c22f/00000000000000003b9b3f84/27/a?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css.24.dr	String found in binary or memory: https://use.typekit.net/af/a0c22f/00000000000000003b9b3f84/27/d?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css.24.dr	String found in binary or memory: https://use.typekit.net/af/a0c22f/00000000000000003b9b3f84/27/l?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css.24.dr	String found in binary or memory: https://use.typekit.net/af/aa41d0/00000000000000003b9b3f86/27/a?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css.24.dr	String found in binary or memory: https://use.typekit.net/af/aa41d0/00000000000000003b9b3f86/27/d?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css.24.dr	String found in binary or memory: https://use.typekit.net/af/aa41d0/00000000000000003b9b3f86/27/l?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css.24.dr	String found in binary or memory: https://use.typekit.net/af/ad2a79/00000000000000003b9b3f8c/27/a?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css.24.dr	String found in binary or memory: https://use.typekit.net/af/ad2a79/00000000000000003b9b3f8c/27/d?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css.24.dr	String found in binary or memory: https://use.typekit.net/af/ad2a79/00000000000000003b9b3f8c/27/l?primer=388f68b35a7cbf1ee3543172445c2
Source: scripts[1].js0.24.dr	String found in binary or memory: https://use.typekit.net/af/ad2a79/00000000000000003b9b3f8c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8
Source: onz5gap[1].js0.24.dr	String found in binary or memory: https://use.typekit.net/af/b0c5f5/00000000000000003b9b3f85/27/
Source: pps7abe[1].css.24.dr	String found in binary or memory: https://use.typekit.net/af/b0c5f5/00000000000000003b9b3f85/27/a?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css.24.dr	String found in binary or memory: https://use.typekit.net/af/b0c5f5/00000000000000003b9b3f85/27/d?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css.24.dr	String found in binary or memory: https://use.typekit.net/af/b0c5f5/00000000000000003b9b3f85/27/l?primer=388f68b35a7cbf1ee3543172445c2
Source: scripts[1].js0.24.dr	String found in binary or memory: https://use.typekit.net/af/b0c5f5/00000000000000003b9b3f85/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8
Source: pps7abe[1].css.24.dr	String found in binary or memory: https://use.typekit.net/af/c8f445/00000000000000003b9aee47/27/a?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css.24.dr	String found in binary or memory: https://use.typekit.net/af/c8f445/00000000000000003b9aee47/27/d?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css.24.dr	String found in binary or memory: https://use.typekit.net/af/c8f445/00000000000000003b9aee47/27/l?primer=388f68b35a7cbf1ee3543172445c2
Source: vtg4qoo[1].js0.24.dr	String found in binary or memory: https://use.typekit.net/af/cb695f/000000000000000000017701/27/
Source: rbi5aua[1].js1.24.dr	String found in binary or memory: https://use.typekit.net/af/d5d9b2/00000000000000000000ffd9/26/
Source: vtg4qoo[1].js0.24.dr	String found in binary or memory: https://use.typekit.net/af/d8f71f/0000000000000000000132e1/27/
Source: rbi5aua[1].js1.24.dr	String found in binary or memory: https://use.typekit.net/af/e030d3/0000000000000000000158d3/26/
Source: pps7abe[1].css.24.dr	String found in binary or memory: https://use.typekit.net/af/e09494/00000000000000003b9aee45/27/a?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css.24.dr	String found in binary or memory: https://use.typekit.net/af/e09494/00000000000000003b9aee45/27/d?primer=388f68b35a7cbf1ee3543172445c2
Source: pps7abe[1].css.24.dr	String found in binary or memory: https://use.typekit.net/af/e09494/00000000000000003b9aee45/27/l?primer=388f68b35a7cbf1ee3543172445c2
Source: vtg4qoo[1].js0.24.dr	String found in binary or memory: https://use.typekit.net/af/eaf09c/000000000000000000017703/27/
Source: rbi5aua[1].js1.24.dr	String found in binary or memory: https://use.typekit.net/af/edcf1e/0000000000000000000158d9/26/
Source: rbi5aua[1].js1.24.dr	String found in binary or memory: https://use.typekit.net/af/fe9c8e/0000000000000000000158d8/26/
Source: privacy[1].htm0.24.dr	String found in binary or memory: https://use.typekit.net/pps7abe.css
Source: login[2].htm.24.dr	String found in binary or memory: https://use.typekit.net/vtg4qoo.css
Source: unsupported[1].htm.24.dr	String found in binary or memory: https://use.typekit.net/vtg4qoo.js
Source: {135EBDC5-CADC-11EB-90E4-ECF4BB862DED}.dat.23.dr	String found in binary or memory: https://www.adobebe.com/page/GG8mUEsjQvSUh/
Source: AcroRd32.exe, 00000002.00000002.373401937.0000000008A2D000.00000002.00000001.sdmp	String found in binary or memory: https://www.digicert.com/CPS0
Source: scripts[1].js0.24.dr	String found in binary or memory: https://www.facebook.
Source: unsupported[1].htm.24.dr	String found in binary or memory: https://www.google.com/chrome/browser/desktop/index.html
Source: chrome[1].js.24.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?
Source: scripts[1].js0.24.dr	String found in binary or memory: https://www.instagram.com
Source: unsupported[1].htm.24.dr	String found in binary or memory: https://www.instagram.com/AdobeSpark
Source: scripts[1].js0.24.dr	String found in binary or memory: https://www.linkedin.com
Source: unsupported[1].htm.24.dr	String found in binary or memory: https://www.mozilla.org/firefox
Source: scripts[1].js0.24.dr	String found in binary or memory: https://www.pinterest.
Source: scripts[1].js0.24.dr	String found in binary or memory: https://www.youtube.com
Source: {135EBDC5-CADC-11EB-90E4-ECF4BB862DED}.dat.23.dr	String found in binary or memory: https://xinviaoafinabatizx.us-south.cf.appdomain.cloud
Source: ~DF8227BB7BB94304CB.TMP.23.dr	String found in binary or memory: https://xinviaoafinabatizx.us-south.cf.appdomain.cloud/?bbre=zoxsazx

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443

Source: unknown	HTTPS traffic detected: 13.225.74.123:443 -> 192.168.2.3:49736 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.225.74.123:443 -> 192.168.2.3:49735 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.195.109:443 -> 192.168.2.3:49741 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.195.109:443 -> 192.168.2.3:49740 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.195.109:443 -> 192.168.2.3:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.195.109:443 -> 192.168.2.3:49738 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.195.109:443 -> 192.168.2.3:49737 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.216.105.77:443 -> 192.168.2.3:49744 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.216.105.77:443 -> 192.168.2.3:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 169.47.124.25:443 -> 192.168.2.3:49758 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 169.47.124.25:443 -> 192.168.2.3:49759 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.145.59:443 -> 192.168.2.3:49761 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 172.67.145.59:443 -> 192.168.2.3:49762 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.1.195:443 -> 192.168.2.3:49764 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.1.195:443 -> 192.168.2.3:49763 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.123.175:443 -> 192.168.2.3:49766 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.123.175:443 -> 192.168.2.3:49765 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.187.69:443 -> 192.168.2.3:49770 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.224.187.69:443 -> 192.168.2.3:49771 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.148.64:443 -> 192.168.2.3:49774 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.16.148.64:443 -> 192.168.2.3:49775 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.20.184.68:443 -> 192.168.2.3:49776 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 104.20.184.68:443 -> 192.168.2.3:49777 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 63.33.31.50:443 -> 192.168.2.3:49778 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 63.33.31.50:443 -> 192.168.2.3:49779 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.236.176.210:443 -> 192.168.2.3:49780 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 15.236.176.210:443 -> 192.168.2.3:49781 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.225.74.37:443 -> 192.168.2.3:49782 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.225.74.37:443 -> 192.168.2.3:49783 version: TLS 1.2

System Summary:

Found potential malicious PDF (bad image similarity)

Source: Tribeca Investment Partners - Funds.pdf

Static PDF information: Image stream: 12

Source: classification engine

Classification label: mal64.phis.winPDF@19/308@15/15

Source: Tribeca Investment Partners - Funds.pdf	Initial sample: https://spark.adobe.com/page/GG8mUEsjQvSUh/
Source: Tribeca Investment Partners - Funds.pdf	Initial sample: https://spark.adobe.com/page/gg8muesjqvsuh/

Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe

File created: C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons

Jump to behavior

Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe

File created: C:\Users\user\AppData\Local\Temp\acrord32_sbx\A9Rmzh6rb_163jmjl_4lk.tmp

Jump to behavior

Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe

File read: C:\Program Files (x86)\desktop.ini

Jump to behavior

Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe

File opened: C:\Windows\SysWOW64\Msftedit.dll

Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Source: C:\Program Files (x86)\Internet Explorer\iexplore.exe

File opened: C:\Program Files (x86)\Java\jre1.8.0_211\bin\msvcr100.dll

Jump to behavior

Source: Tribeca Investment Partners - Funds.pdf	Initial sample: PDF keyword /JS count = 0
Source: Tribeca Investment Partners - Funds.pdf	Initial sample: PDF keyword /JavaScript count = 0

Source: Tribeca Investment Partners - Funds.pdf

Initial sample: PDF keyword /EmbeddedFile count = 0

Source: Tribeca Investment Partners - Funds.pdf

Initial sample: PDF keyword obj count = 124

Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process information set: NOOPENFILEERRORBOX	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process information set: NOGPFAULTERRORBOX \| NOOPENFILEERRORBOX	Jump to behavior

Source: Contact_72px_lt-gray[1].svg.24.dr	Binary or memory string: NEIBESjjzwKWaQEmuhbGgACFWDKdB5OZZSX+agjjkcZegD1y0h+ELA7oCf9h2TzH5Lk87RNpJWUz
Source: AcroRd32.exe, 00000002.00000002.387053876.000000000D211000.00000004.00000001.sdmp	Binary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dllm
Source: LawEnforcement_72px_lt-gray[1].svg.24.dr	Binary or memory string: 4RfwbOThACGyTEZ5moRPrV2QweL6BvvMQAZIZXEdT2O5NEPgUsRJGSwFUuYlgyhgfSp3NY2hgKUv
Source: Policies_72px_lt-gray[1].svg.24.dr	Binary or memory string: 4tB1EVplopO2rztHQjrQqeMUbUqdlUYbWkVkAS0rzSFGk5qfcFFaK8X2oKw7N1FayNdH7BQ+Tst9

Anti Debugging:

Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)

Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe

Code function: 2_2_04F1D1D0 LdrInitializeThunk,

2_2_04F1D1D0

Source: AcroRd32.exe, 00000002.00000002.365683252.0000000005860000.00000002.00000001.sdmp	Binary or memory string: Program Manager
Source: AcroRd32.exe, 00000002.00000002.365683252.0000000005860000.00000002.00000001.sdmp	Binary or memory string: Shell_TrayWnd
Source: AcroRd32.exe, 00000002.00000002.365683252.0000000005860000.00000002.00000001.sdmp	Binary or memory string: Progman
Source: AcroRd32.exe, 00000002.00000002.365683252.0000000005860000.00000002.00000001.sdmp	Binary or memory string: Progmanlock

Domain

Country

Flag

ASN

ASN Name

Malicious

63.33.31.50

dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com

United States

16509

AMAZON-02US

false

169.47.124.25

xinviaoafinabatizx.us-south.cf.appdomain.cloud

United States

36351

SOFTLAYERUS

false

13.225.74.123

unknown

United States

16509

AMAZON-02US

false

13.224.187.69

dd20fzx9mj46f.cloudfront.net

United States

16509

AMAZON-02US

false

151.101.1.195

rikapcndbn.web.app

United States

54113

FASTLYUS

false

104.16.123.175

unpkg.com

United States

13335

CLOUDFLARENETUS

false

104.16.148.64

cdn.cookielaw.org

United States

13335

CLOUDFLARENETUS

false

104.20.184.68

geolocation.onetrust.com

United States

13335

CLOUDFLARENETUS

false

13.225.74.37

api.demandbase.com

United States

16509

AMAZON-02US

false

52.216.105.77

s3.amazonaws.com

United States

16509

AMAZON-02US

false

172.67.145.59

kifot.wancdnapp.page

United States

13335

CLOUDFLARENETUS

false

80.0.0.0

unknown

United Kingdom

5089

NTLGB

false

13.224.195.109

page.adobespark-assets.com

United States

16509

AMAZON-02US

false

15.236.176.210

adobe.com.ssl.d1.sc.omtrdc.net

United States

16509

AMAZON-02US

false

192.168.2.1

Name

Active

dd20fzx9mj46f.cloudfront.net

13.224.187.69

true

dcs-edge-irl1-876252164.eu-west-1.elb.amazonaws.com

63.33.31.50

true

rikapcndbn.web.app

151.101.1.195

true

xinviaoafinabatizx.us-south.cf.appdomain.cloud

169.47.124.25

true

kifot.wancdnapp.page

172.67.145.59

true

spark.adobeprojectm.com

13.225.74.22

true

s3.amazonaws.com

52.216.105.77

true

adobe.com.ssl.d1.sc.omtrdc.net

15.236.176.210

true

api.demandbase.com

13.225.74.37

true

unpkg.com

104.16.123.175

true

page.adobespark-assets.com

13.224.195.109

true

cdn.cookielaw.org

104.16.148.64

true

geolocation.onetrust.com

104.20.184.68

true

use.typekit.net

unknown

assets.adobedtm.com

unknown

p.typekit.net

unknown

dpm.demdex.net

unknown

static.adobelogin.com

unknown

Name	Type	MD5	SHA1	SHA256
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\05349744be1ad4ad_0	data	0A491081D88AC40C1BCD323C6FB158ED	B9B1EEACF8D875ECADF363BF12F41B3D9BC25C38	DB30BACD869B4446B1A9655ADF4E651E0246C485D6935E01064488F581B94F6B
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0786087c3c360803_0	data	536EC9035BFF1739BF7CB2B3C7B9AF9D	D2F8E6D7B27C68361733DF80BC947E2F7D126F39	0076CFC1535D23D9F826A44896EE8C680FC484B02A50AB25F50C174BB7FB7155
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0998db3a32ab3f41_0	data	655F35F9452FC66E1F5B8B467AEFCDB2	9C76EBB8AEB039E97DD5EC4DD978728B715FC582	80144F107A83A9A195EE4988739F674F064740876F842600637866939DEBC385
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0ace9ee3d914a5c0_0	data	265296634E8BEF9F4CF3398F48136BBA	3DCCCA836B36AF38AF608DE7BC1DCC63444DE138	0E55C82247859D0BEA6235E509C3400495D10AC1EF71723EA3DCFAD901F5E4F9
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\0f25049d69125b1e_0	data	87CAE90B20FD86E49D563744534AA6A5	D65A356B29EDCFA77224E795E3392E9EDB9908BB	34F1E220660245A61D0622443D7683F382830E528F459E8C9BF26C05F995192B
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\230e5fe3e6f82b2c_0	data	23936B1FEF8D1073BB8175D2A9E8A317	3893C756E70B6E5E8B557CAAF6F5515D9D18A818	59FDEB883975E552B6EBA7543C78AAF0EFEC7170EE2C2C17E098BBC00C5DD04E
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\2798067b152b83c7_0	data	7005EED40F5F2A9738EA306416D91BA8	9762CFDE678A6C75DBBA8133397735A380986992	E743051A07DDB265456557ECBC4322D6DE7242FC1C9D0EC68D6F49AE61387A80
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\2a426f11fd8ebe18_0	data	9EE06C4460090D3FB89316B8BFE10DEE	DBA786217B265EE99D160019CC41C824C659E8FE	AF49DA68403C6E4F94D0D86BE081CE50376E62BAB4B17566BF4762C83CC61A46
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\39c14c1f4b086971_0	data	19D089D30212302279F245DD80224B50	3C7F7E3118F0E032365B179CF5F1D95526B10D27	C861D9F57FC2031CFB768855582B95E7928BA0F5EAB555087F61D2CD9DE06992
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\3a4ae3940784292a_0	data	A6C4E73C8247230CF0650B03C8D325A6	0C0AAC18065C132A07E3BA5B25C62001285DDB93	DB2A98DAF8F0501CB243ED1BA546BFD2FE1DF7FB00A260C38B55D7BEF0A87334
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\4a0e94571d979b3c_0	data	33CCF19E67ECE47944B7A0F7FEFA998C	4F3B72677292B7D505416BAA18DBFA66E508F6EB	10A26858256FA20155ACCD171436B9233B6D5C5B657DBD37B52910CF0A04B49F
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\560e9c8bff5008d8_0	data	FABE2533884CC615F53B3528F446BEF2	D32530F77626B6462FAD15FDF0CBA5EEBF0FC310	0603283D9F124EC0BEA02E6BB681C8D007DBEC1290F873C912310C172978DA0C
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\56c4cd218555ae2b_0	data	BA4FEEB2BCA500D4AAC12D03B4E74E15	F4538BC4DEE930C7F6DC4BB3441F00C0DC778A14	E266BE2DB18EC47C6B385BB085EFFEC31C5737241B800CDE1E9FF00810B40A20
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\6267ed4d4a13f54b_0	data	761A29C7B78279FECB2B21E1103C8764	16E3F8928BD7D9EBC8A23FEF4F55F099C9E80911	86A63DFBD17F29AA9BE606210A7F669A045B2D781C1BDBAA776A4D1D51A881AE
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\6fb6d030c4ebbc21_0	data	E43982F8FF6694E9051FE9546A32185D	68963D4A8F73FBE79D388063A057B09F0D8B1A04	50F4DC4A07F525EAEA30095A2B1D80E7779DCCFD78EEE2917124A7A56EB5EE29
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\7120c35b509b0fae_0	data	FC4F6400DC58CA60EB6FC7864C4BDA0B	34868D1698779BF4E2D26E341D3F5CE033A383AC	3A959303C23CC3885AF00D612121244FEAAF858CB1FC9D186DC53447D957557F
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\71febec55d5c75cd_0	data	3F64DA05E63DCBDFC6D93F341772FF8F	C209869A0D303BD66E0BD7958A1886E227F5CE21	24F78E7CB62ED378722E985776F43C63FE28ECEE3D6131770DCFAD54A819CD3A
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\86b8040b7132b608_0	data	DA0640CFB31FF35B4D45237B338E8824	820923E14B7CB7C4E8127ABDE022B5E055BA3D81	B215AF902A37783670BD749EC73C684FB26897413A64528FEF75256682C0E53E
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8c159cc5880890bc_0	data	B49E7B26354B8F151BD2780ADCD37707	D4E1B31E08A701DCC00CC36277FF294C4289B400	E68C1CC1904C45C958D94BC7D7ABC9ECC206A5FE46ADB478AD576C757FF5E591
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8c84d92a9dbce3e0_0	data	3F87DAB1289E6A0EFDAEFBE8FC39E841	C646A53EECAFB48F3607681A30D081CEDC7E7182	82EB911D63BDC58DEF127425DA48FD41D696EAAA997F4437D2071D3537BA5E81
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\8e417e79df3bf0e9_0	data	44A6DFDEAD0E9843C1A32DF39EFD4B9B	42CA27326DAF0BEC4D85AF39A66B1CA7EA68F8A2	1196309D09D927B08E4F25EF56E3A33967ED6629867987A271B1E232D2F371A0
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\91cec06bb2836fa5_0	data	DDC565FC42CBA22CB571C903CE06542C	F00A0E4FD531E7FEF278E72F35501E209DAA9490	887EAA27B1CEE9127DDFC235E896AC7DF49CDE405AA03CD33E0FD209D51AC621
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\927a1596c37ebe5e_0	data	B3EEAEAABC5AD2BB53368364B1A500A6	6B6E534E720336B4CA22B2F17AD17DBDA346AB6E	5B2ACD73DDEC5393817E79A7B31075EFD64E9D3BD7B2192489BE4BB745756BB6
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\92c56fa2a6c4d5ba_0	data	2F78DFFB70EFB22E8A504951BF6346F2	3DED7E516FFF6BB785D2E374A6CA01C024889D78	B2E8C75F92D6F44D5456B527FB48591E1ED0E81A0EB252CC7903619B801BB89E
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\946896ee27df7947_0	data	9D8C14F0B46695A93EAADDF9A0834EFF	37AF828282415E1399A92C9209A1996CF3A64FA0	8D6016CDAD3B9BE107AF7F90239CFFBF712019ECF891413BA889A9346C3FF009
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\983b7a3da8f39a46_0	data	7F11AA7418A347DB05BC40D237595E9C	8CF61707EA1D7BE0BD15E084C12F214BE74DE5E1	AEB6E6F1BE1834C54F45E5FFE429A881DD4810E6D69CE85111A025284721A9DC
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\aba6710fde0876af_0	data	2246B51DD8025ABFD629DDA8DFC5CEA6	0B82DDA5B5EFDA64984D8B12B62B85004E2E0354	93A80FB4B8CB79EFC1F8A6B95F76AA525EB76B4015257913331C729E67E0EAB9
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\b6d5deb4812ac6e9_0	data	D902494DDEB4F3F0B961FACD78E3579E	60B8C843DE5599E5BD4FEF7AACFAC6F30884B316	7C055858699AB61C3C80FB3C83A6E4FAF6A7CD970471E337E1216B2E7CF8033D
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\bba29d2e6197e2f4_0	data	8173BB6193375FE8B2020B9689415CB1	5F51CD1B218B72BB45B63BC6A4DA0F5CA87DC12B	FA2C4DB8EB2C8BB2F8523F0AF446BB828DA398C8C349D26F177D165A4B21FD6A
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\bf0ac66ae1eb4a7f_0	data	C933E2D82B3A806C71D649671171F938	90EE75FB10F949D819A1F7D822400CE994A2E230	6A48E42A159631DF094F1164E8FB80207B1EA7A4B7CF6AD88A7255E5E06A8700
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\cf3e34002cde7e9c_0	data	344BD46BCC1D479D66AAE6BB9F69E2C1	B4F7BD20A7AAE931695CDE612E25B2C181C61E3E	101D48E588F30120458FA462B55E28CF3E585F3E55543C35441CCE120915EACA
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\d449e58cb15daaf1_0	data	348CF8B9E8E04166961F8DDAA708A964	4272AAB7A02938788CF43A481CA5337B9A42252F	43DA04B1C7A268943030378292FC179785495B025384647EE31023CB5EBF1D0D
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\d88192ac53852604_0	data	1295AB94DDB1A130AFD911234D4E89CA	50074CDB73494C3C9B85DC44FB7DE009AFF1B0B8	EDF22C9DDC3A821B617C52B2EC8B2DCD18B8B3B93E620A309E795640C277B595
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\de789e80edd740d6_0	data	A5945F76BC3FC56CD102184E6A87875C	EBCBCA93ACA1F1655103B10E9F6218FCBB2EABEE	857216CB0CBEA1C2BAADBC7200AED158D1F7E9231B3737FDE64D571FE1E2EFC3
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f0cf6dfa8a1afa3d_0	data	3D79C89BEF3295FF031232DA43EC6EB4	BDE1FE92F2EE923B649F2FB2989B8DFF9FAD8760	3A77224AA89BD0C63C8C3A166259D67835DA44901C094728BD612CD1F93C2E2F
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f4a0d4ca2f3b95da_0	data	7FB9A25CDEDC0F78A45266E3A6169A75	0D496101CDE962601E606ECC5B83110E93C071ED	728A9755B5F81181E0F2000CDACCE4B5C8B4C8ABFDD49BC0ADBC47A011574809
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f941376b2efdd6e6_0	data	41641895746864AEED9E70161C272A48	3821D397D7BABFC564E02DFAF3FFFE913F13AEF2	18D877891792A62DE0A9FAB934A35AA31C32062FA9FC98C0CBE984FE490AB417
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\f971b7eda7fa05c3_0	data	4AFF780C1EA40FF889BB2324410D2870	6C27A08BC904759BD6C313D2174605426581954D	5F22DE000EA62158833B0039FE9279F0E6D31BEC175C04E2EDD2521B9566B7C6
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\fd17b2d8331c91e8_0	data	F481D379BE3CE3649A56EF890CB103CC	E565CBAA75DF9934CE10914D04F2A5A5F396CD72	03E211BB6BD20936AE139105782D31A98E64E154A787349EFB45672C52E6E56C
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\fdd733564de6fbcb_0	data	EA49AF970F9F7C37ECE424903ECD31D1	B30FADB414AF176AA5B59A03E78B87673A1BC1C6	57BBD203666AFC2B7C75ED3ADFC6CAF0728A1397DFF870CA2E81DB5F1E91CB9A
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\febb41df4ea2b63a_0	data	59CA02C939EE3630CF5597D5E07046CB	17439216FBA024C9C1552455B885C92BBA64384D	00DF701915D3C01F3F4704EB1C0E170F480865D7F899EC157924147B151C7B86
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Code Cache\js\index-dir\temp-index	data	23A1A85744D5735C1538C2B3AA76EDE4	1EF91A0B86B687AA387AA38358A4A000144F944B	B4C30BCEDEAC892781B911051B7093E72857C6D7751B3AD08BDF8D8997761C46
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\LOG	ASCII text	792A876184A16A16A277E9BD0C0F7554	55152B43962570E515248577537E6126B582E842	7D804C31CA09591948830058C961735346FA1F0C2B4141C1ABAF5B8CB83EA12C
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Visited Links	data	C5320DB321A0EC2EA0AEE50ACE073382	2E3A5F1F8C5FE89B022C94BD3574BECA1445D34D	10CB1245EF4F539D1B2E962879068A09BDCFD07FCEDB103F78A17338C73A6B22
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-210611173915Z-215.bmp	PC bitmap, Windows 3.x format, 114 x -152 x 32	4565A9F519E1FC5EC62C689AC8F5C1C9	7F50DA6A2B1CDEBFA26470B5BC118A4E9A1F47A6	F2430B5E3D5E24C0BBE6270233AF0CB8382977C34444813410A6CE81795CFE2C
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages	SQLite 3.x database, last written using SQLite version 3024000	8E0AB7D815B1AFAD297558F04AD6BEB7	46885C4EDC08DF18FE59EAA061CE732CCFF75C77	2F4BE45D570ABF4190E8D1A9A879164B078772F4DC74923B4455D7B6A75753D9
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages-journal	data	478CD4C00FE99F426AAF674DFC40D9B8	BED188F03FC50BB3CDDEEFF245CD547AE3A3DF9F	F93644A57F010AC867FB65FFD90591EB25AE6922308E89796AAFBA1C9A1BAFCA
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\6T0VAUN5\www.adobe[1].xml	ASCII text, with very long lines, with no line terminators	1E2A3B9A6A2A4310B284856E2ACEB18A	C8C1F1BAE4F1E32447694480DC716909E9F8A1C6	BB2910C86C48F6D78510C3EBC3278424F03BC61C1F1D0C519859E3ABEB1316D9
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\QUN6RYTY\spark.adobe[1].xml	ASCII text, with no line terminators	7ECB26FB33F1B14500E9D9CDCFB13DDD	CEC8897E78C7B09F9EF33E60B2335C96D302921C	9C583A24ED234A94AB76E39EAB2F6559DDCC3AE249C475FBBCE0D5E4ACDCD280
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{135EBDC3-CADC-11EB-90E4-ECF4BB862DED}.dat	Microsoft Word Document	EB2D2B22625666B8E26F7FBCCDF16B94	B4EEFFB0837C46BAB27003911360D8DD460C17B2	926DD3E0D490ABB2AE66F1340839D723694866CEF3DF18D801D5FAD857AC1764
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{135EBDC5-CADC-11EB-90E4-ECF4BB862DED}.dat	Microsoft Word Document	380FF961B9F3C146284263EE515670E0	59C3CB030B958C26C900BE4A9A7FF2E0879EC1AB	C65DDCC35D66518253DF56B51487557606EF8A1F7A1F156C2E38B3B2D1395BB4
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{1A6D0B25-CADC-11EB-90E4-ECF4BB862DED}.dat	Microsoft Word Document	4B229DB768417EC48238852B4112D225	B4324BD52E8F48D0D42BAC13098DB3D0BFB0A2E7	3EB54C3E904DA1136885987DE5C2D5A7C2EF99982626187FEF3F985F5B1CF8C0
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\ynfz0jx\imagestore.dat	data	1F2BBE148080EDB61592819A2732E291	AF6D839E8AA1BD1283B70E05216A92E9C7A06E64	B5C55B0E2C030849298D748810D49A9F2A8C75FDF7BF7C888FE0F6B629F7FDE4
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\Adobe_favicon[1].ico	MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel	B28BF60DD7E50B6DFFD394EBC0F9057A	9EA7EED87B689757780322989EF426AEFFDC8F7A	BF24C9E4D37F94D4BD2F870228FF421CA54B2949DB3391DBD3818EC0E6DB0F5F
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\Contact_72px_lt-gray[1].svg	SVG Scalable Vector Graphics image	901C088DD283B59F4A43F74D798EDC60	959EA9066F892F103A3DDA229D67619150F7DD7B	C45E2555412C2D5EC5E521ED5851B3D3665F90DD1DC645D6D59DEEFD71BC2ECB
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\GG8mUEsjQvSUh[1].htm	HTML document, ASCII text, with very long lines	02DF9DD00895D7E0017A343FCD94B7A7	982E84D3E85CCDEAB0C881FB9B5CDCEF3D676B95	B49AD6B8BA2A9617DD8F02411CE66B6579D95DDA2F8D625B946EE679EAB3DCE0
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\Privacy-Header-2-1440x340.jpg.img[1].jpg	[TIFF image data, little-endian, direntries=0], baseline, precision 8, 1440x430, frames 3	36815147C5BD0A82CF08ADF18C4CE9DB	F5FE3F3312117D43AF628780AD94F7409F51BC51	FA058BE1A59315346088172661F221BB988B929F4FE9CA7C2C98F49970D0109D
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\PrivacyChoices_72px_lt-gray[1].svg	SVG Scalable Vector Graphics image	775D2556523FF33568DCF0EE25C3249B	8575AF9EDFEB7E1A2D1B7A36DA34F13594CFD7F1	241B307DFAB1F3CA3C626DF06C32F5472777A4316013981A121B951911B311FE
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\RC5e5d1b9fe0a942c38190dc2199529941-file.min[1].js	C source, ASCII text, with very long lines	8F7C77F0608AE9AB17E6E07745FD24A9	850FF8C69723B05D83558C9832C294607C0E1C3F	E49AE1EE55CC0DB995DCB4F734C59AEC3669F9532926B03EA8912435FB777573
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\adobe-logo-gray[1].png	PNG image data, 140 x 32, 8-bit/color RGBA, non-interlaced	9AE66EC6AE11F8E9D108E160D2CC138C	2A2D777BB0F63FF0AC298BE41FE2F046D91572CB	6428A477DD15F959CB1B563A0009EDAA1EF0716852763792D0C66BCF1F4AF4AE
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\arrow-down[1].svg	SVG Scalable Vector Graphics image	22120158C53146B96EEEE7777298C110	783C883616B35F64634EC253AAC05F2108B97174	73EA11E38E252B1D267A812BDE6B4F1EB335CA0770DCB60F9BD6A2E640A3DF3F
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\big-yellow-exclamation-point[1].png	PNG image data, 110 x 102, 8-bit/color RGBA, non-interlaced	0C48944C6F37B353D14892E8EB9862DE	8FED687740AED3F235F634A67203C61EB7F5FCAE	8473E148A6C6B2199C07BD7DC0CEB54A5D943D0FEE634D56620763A42346813B
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\browser-icon-safari[1].png	PNG image data, 124 x 124, 8-bit/color RGBA, non-interlaced	23B02AAF3435635E1E6C324D759B56CA	7DA557E711F8ADD60FE6493789ADCB97B6922A2B	22B7C23F2DED34B2B0AF1B6D908A533130ABAB7EB32711052D0CAAB35D50BEBB
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\cc11c7a4-3395-428b-9d98-bf562dee9fff[1].png	PNG image data, 1435 x 567, 8-bit/color RGBA, non-interlaced	F65E1BA320DE3F3D1F8C8A232F601D37	36B62D27D47DC712FBF12F8F8498DF7B1C8B9425	5632A0E95C44D65D9BA1F3BF455469DA835C86AE86284BEB9E7E7467138A7423
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\chrome[1].js	HTML document, UTF-8 Unicode text, with very long lines	DFDD3AA8B6F029403DC5DBB97F696EC6	05FF3F6C5F0B65C3C091E3B4D3CF69139CB46CAF	AB889D6962A84FF0A8812667F14F1073E30D63E8023C96671E1A1BB17CDEF50B
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\crisp-fonts.gz[1].js	HTML document, ASCII text, with no line terminators	361FE227C22294543FE0FD29B8D28C0A	1D32C0DC6F27CA2A6C67E5C79DFC08DD39511B03	17D7DDB7C7C94BA00A4F60835AC14512B6574E5D6B81E99542D44BDA414AACD0
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\d[1]	Web Open Font Format, CFF, length 30832, version 0.0	A24BAB0217A940502655CB39824C4CA4	031E50C9EF47A17C4077EDB15693225AFC16044E	1CFA3682C2D68F282C013C471044AE4AF711E990D13B0A4A9E1EF257BABFA238
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\d[2]	Web Open Font Format, CFF, length 30980, version 0.0	01BD649595C405E61BD162E40BFF7260	B03670659950A40A47F9658B71F69FF14F8DA4C2	2FF95F05AA71F6FE45D80A3FC8585BDE66210ECBC83A1AC494BD679A5CAE28DE
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\d[3]	Web Open Font Format, CFF, length 30780, version 0.0	41291B5CC7AE5A302D0FF767D801DC05	A6B8FA2252C9563DE7FABC7A6F068E5D7C42383E	641E63A696D3E572B940226372365DDE29D2D581D614B5FCF66323ED46A5CBDD
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\d[4]	Web Open Font Format, CFF, length 31340, version 0.0	588A4A92645A9E137308924C68778A29	99F03745B7B06DB4201A3B00C6D9BEDEA3F97E9A	B3220E43420A21615A932915870167A21F7A34E64EBEF3323209E6A9553C1B11
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\d[5]	Web Open Font Format, TrueType, length 24744, version 0.0	A14F6E1E3181DC10FDB66D2A7FB54CA7	605808488DD7FEC481400AA948F80E66189D25B5	A4B8520DF89E973A968FCD3CF78F742E073EA9645D03ACCF360EB4AB5E6E1001
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\d[6]	Web Open Font Format, CFF, length 46088, version 0.0	F6772D5F038A33A09B062FA7D7FD1E73	19295E0771CD244E3C71F7D2D209B9A7309A8DE0	AF6B2610431D075E5266E7D97EF7B53314F04EC64A56CD8872AD5FFB85DBA88D
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\d[7]	Web Open Font Format, CFF, length 58352, version 0.0	3C48D869909CC053C2EFA6800B492ADD	882C7495CC54A32EF795B89E9E84D1B69C3F87C5	CFD20EA88B7F7A1B3E18890AAFF228FD6F134095AF8F6DB1F66E4DD551B59306
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\e2042c70cc1c4a7dd81fb01c353d993dnbr1622136582[1].css	ASCII text, with very long lines, with no line terminators	CB372B95DFCAF79CF09DA253AEDEA8B1	08E7999607C2F6B8EBB5E07681B0F22857D88E94	118F4D0A8C85BFBE5E7DFA3162E04E73C6FCDA9CF1736B28F9472AA7E03BA2AF
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\icon-footer-facebook[1].svg	SVG Scalable Vector Graphics image	79B5A539C142059EE68CA83E8846C412	97EBB1258C37BB6BCA866A4EFF63D67F8960D3FF	AE7F81F5F3D2679D1C7D4E099F16A37D5B61A5E9F580FBCB175DFFE53516A623
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\imslib.min[1].js	ASCII text, with very long lines	B439B689448BCAF4ED270F5AF5477C37	6E71ACE46CA64143CA6C7373D2C3DB960EB8F5C0	4492E3E27970CDEF4E460DA2FA944B12C09AF19575447F91DFECD9D587818A0B
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\location[1].js	ASCII text, with no line terminators	C4F67A4EFC37372559CD375AA74454A3	2B7303240D7CBEF2B7B9F3D22D306CC04CBFBE56	C72856B40493B0C4A9FC25F80A10DFBF268B23B30A07D18AF4783017F54165DE
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\m-setup-9f808447[1].js	ASCII text, with very long lines, with no line terminators	E506A21C909F422EC580D07AE67D02A9	433ACE5C2D8E30329CCF06F20EBD5716D28C3A97	013173243A5FC47030B79878154FE50E0075F4111FA071E5459A10206E18D0EC
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\m-unsupported-88cd3215[1].js	UTF-8 Unicode text, with very long lines	E4216F66DAE5AEF0264C54EFBA38DFB7	0DD6C2AE19455C49E4820FB57C7A28AB22D5C2AE	DD6B957EFABFE9FF7EF0F508C191DC635C269F7C3E192E7641D1878FD210829A
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\main.no-promise.min[1].js	ASCII text, with very long lines	CCA018E06A68F94A49E79B2B87096FBC	1DC051BD56CA3E2B0ED6E95AE56FC449831062D3	350A14AAA52348E4768E8146C3449D7789C92344C4537CE31CF137711E5A90E1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\marvel-landing-unsupported-ec51f18c[1].css	ASCII text, with very long lines, with no line terminators	C619CDA442CF0F3808A18ECDEC51F18C	A2D5784420901F3B9BA979EEB50C3BF769ADA3A2	D53F86A45B7263BECE92128951805436235C90CC77F67FA45188EE6BEF7BA4FF
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_11509db7f6d2114f580490ba33b5f8b113df45a01[1].png	[none]x[none], YUV color, decoders should clamp	C64C86FE6BF1E64917CD40F51A3F0212	EE0AD8959A9619AB9ECF6447A73233C38998993B	E5F1BD8E854076333BB35D12C7C8AA4764F2F9692A9DB079E0D2B0EFC80BF426
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_11ac71813080b7ad80d8486ba8212b564a66f1d25[1].png	[none]x[none], YUV color, decoders should clamp	3519DBDEC738221B4ED56F146889B0C5	8368D90BB91AB4BF312B31A0959AE311AEE8FB7E	F3884FE1C01470D8BDA7E399CF81D46299FFC11C39FD6F2C74A164607505B0BB
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_1203acb3d260e5e6e58ad701c56479e3ea2f24dde[1].png	[none]x[none], YUV color, decoders should clamp	40F31E7D1C620A53849C0EB68A13D79D	5D5E02091ECAA3A78234C7716914D8C91F0F7559	619F71DC13AD6BF9E97884D4098E8C31FE611E0FFDA50BE4167DE7188989199B
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_1214e0e49cb388dca5a84c369402d152a38682f84[1].png	[none]x[none], YUV color, decoders should clamp	502945F63FBDD30964F4CE97871AF3A2	E30785AE564B46CCCABA0B4CB2E1FA05B4ED0368	9AA4349900A643FE5FF83FD15985F121A4A155D9D8DB421F5BFDA166A9CA5ADF
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_12be25e65cc93e1440bc25fe8d545d5755fbd3f9d[1].png	[none]x[none], YUV color, decoders should clamp	75340F2CA756FB72A15C6A269E20C3B6	96157EBE0D3D143A2C6B11F52D881C0AA9BA01E5	8A1461DA7256179A86600B5C14F2BBDEF900851D8F40D82FC7B438AF8D89DEF9
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_12ffb8f594d179340cbd2d62c4c20754c61bef675[1].png	[none]x[none], YUV color, decoders should clamp	16B03AE7E942E7CA2A756CFA4865A71A	2CA89B1B463E27B5C1D90E7073C7A99FA3513144	08C2F5D4031764B1C4968B8195EEEEC7659BC1154656C0830D4AD632C4382A95
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_1305c910c0a67cde46c623497f55543f11073ad37[1].jpeg	[none]x[none], YUV color, decoders should clamp	396D3A51520B2A4909BDADFD389DEB05	C7E82C11A8A5657353A1AC24747D2947AB2548C9	FDAE6BEFD121ED601DC35AC46B10CD9DEAE9A1B774FED0499863F3A802D48F2C
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_136c5cb6ad4a0d600e590f39420d670bb0df6b5c3[1].png	[none]x[none], YUV color, decoders should clamp	37E2D15C114E6D43DBEB510CE1C12927	3173B72D47EA2685B7F3D25ED6BEF3E66E2018B7	0600C75B7CD5433C681620372ED2E5704D35E46B191995AAF1088C1D1A5B9579
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_13f1bc71a8681cdd7cb22c202f5a3c11bce1c01b5[1].png	[none]x[none], YUV color, decoders should clamp	C82FA189EE214CD72B7CC9BC103291C1	D940ABFD7668D8A04ADF4419CB8A4B44542D5781	13E2F45B312E32569613AB0CB690B04F6F1FA51322678D758AA6D9568E2D8366
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_1414f90572f278eae7d49cf2222e9b7d0063180cd[1].png	RIFF (little-endian) data, Web/P image	5A509325B04D91D2F591B9354DBF978A	5B3FD56483BE38F599D69F7E84ABBE260C98C11E	B194025E947012B53598A578437208ECAA6EE2BFEBED193E02C08131CABB3E64
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_153a9944efc4f66008369b127ef8ac607cf5a2f2e[1].png	[none]x[none], YUV color, decoders should clamp	83419D67087B63320C68B3EBC4555826	062F4932098A68F9599C2C99EF53294401BBE559	DA81D743FB878FBA7554DABC55A0964C052A6D56F5A8D4FBCB66E9ECDA2B16D7
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_174ecc6dbabbb98eb5dde237dabdd3d20371598c0[1].png	[none]x[none], YUV color, decoders should clamp	10A85D06B222424CC9C9571EABBA257D	5C9CCFE9E6E864EB79EAEAE478E8DBE444BFFF9E	F554F18D1C2B96AC105581380A48F0BEFCBF4057B04FDB117D0A2856884F4BED
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_17f1e6d035b268330c49c1a92e3daa7ac9e6a1844[1].png	[none]x[none], YUV color, decoders should clamp	F63210EFD2178990D5D077B20BB4F468	6FFD154323C6BC68190A28F0FD306F1135E79D35	2FCC885BFF41C1BA0F3003EDDEE547B8D198D5E27B7452A7D5597C827BAF6F0F
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_181b604b63bec3b8bbee889de292d1daea1530139[1].jpeg	[none]x[none], YUV color, decoders should clamp	2CF10D42514EF842F3BBF35508623D23	831045C456D1606D73318BFFB9DF178CE6EC308D	572A525434EDE642C011CEF6EADDBCD485FA8EFEB2D323E0BA1CE14C86CA6BF9
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_1968c8f3dd906c601b557aba0c66fbd643d723203[1].jpeg	[none]x[none], YUV color, decoders should clamp	E10BCDBAE85362CF7AB1FBA39B7C8C4D	649FCB45F298A86B1D9BCF927F221F6D52274DA7	491CDDBBCAC63FFEFD69CF89C3BEB1F55A2D0DC673571111984649F8C86D0CE7
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_1a5f64a3bc2be800f6f8ab67daf17e7f0e7ce636d[1].png	[none]x[none], YUV color, decoders should clamp	7B3EE46514F25D79F816B2F2A0E2D6B2	C452D57F2864FC6E88C3B8F7B191CF1B92E73F1F	5BBD58CAE1FCF68200DF325AC9BA0130B338E17C975873207CFD85618889600A
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_1a92e0ac878c2fd223de53d35d857869c15554031[1].png	[none]x[none], YUV color, decoders should clamp	FB859E52DD20BA87612747105AC952B0	AD06A39BEE6B13DACDF62CE5A3FA6C4AFFBF0C89	71A1DAE9A84B243FE87BF0AEA3CE75154273B5579755475FD09253E650F705A8
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_1add7401488fed12c28150125da85e141e2081d96[1].png	[none]x[none], YUV color, decoders should clamp	13AB0F1839F68C406E8F6F9CF3C359B0	0931E45F5C57946B5948A750E4F50229E3C3DF70	8FDAA9139DFC94373125757FF37216A14866FDE9F86AC4C4491CE5F50240E663
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_1b1edc2eb0698cdb9a2fe1b8b32e420743c6137b4[1].png	[none]x[none], YUV color, decoders should clamp	B1FDC53A3202237C8FD7FC9122BEBDDC	7A534922F4B6333901AAB35F50138B7F8ADA2E63	09F6B16C71FC41F43FBD74117093D0009954793DD0126AE23A0F044311050393
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_1b38db73b9263e2bd685fe11c2242ed6136b19817[1].png	[none]x[none], YUV color, decoders should clamp	B4CCC992BE09F3781CE87A97920167DC	4F5DAC1464B845C8C0197B1D93AA4C4A8215529C	2BFAFA74566D2A0E3B241A192EDD587F8A50F3099FBAA00F96FF4E9481A01E65
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_1b5a859a32101bea5202fb9232db232ae8ebcbb19[1].png	[none]x[none], YUV color, decoders should clamp	5314DA4AF60386C0BAE102AE56BE6CA3	284E8205AFBE373C5B90E585667486F070613AB6	E002905334359B1E2E572B3654287E65E8B4BD8ABC0074000D0BBB67A56606D9
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_1c67c6f940a8a1dd251dd13a8a3d506453ea12dfd[1].jpeg	[none]x[none], YUV color, decoders should clamp	9086C7D7AA0A8089B4E05B08293F6F9D	69F04C536D16043C6F883E97EB76DF5914956333	B07B2726B3098817BCEC307309EBBF5073E2459794D3D0D1DA4284FED2D351C1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_1d475ea237f3632359c1538d48da93b1deff5ed7e[1].png	[none]x[none], YUV color, decoders should clamp	AB3FE31B4A563F72F1975598178630DF	D7D90BBE9BDFAE5A4721A50828819DCD5959DE41	C29607EE46628C768510C24E82A215A4998A5D6844E8BA4E8C1BA0F2944A0E2E
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_1d5c2fd0e78fcc873737cc81c99fc624ed4df5df3[1].png	[none]x[none], YUV color, decoders should clamp	AC512576151F38EDF8C8D160B01E94F8	8EB19EE5D2B1FB260AC9619EC3591C6D09A2A27B	E0F5E08400A153C4B8FC664BC9CED6D04FD3C0366E32077D7657A09F9472E042
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_1e13cbc31404e8b28464e9b87cd8a6537e45b579d[1].png	[none]x[none], YUV color, decoders should clamp	2E13C36813551BA9A53B95EBE85D23B6	A17AD1BE00D473D2107ED041360423BABC7BDBDC	368A81B50ED78494D7CE5A31D84CF6F648F14042016A20478F8B872E3D277D64
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_1f454cd3a74b3ab1dfcc2a270adb56667aa8edfa7[1].png	[none]x[none], YUV color, decoders should clamp	FCE89816C225B6C691848AABAA217E2F	F4C7F2B1A1680D83739B2A31B9DF463BD4B4C25F	CAD3707C9E7E0753223DC9DC427C74413F94906E1DAF5731A271626A579B2A8F
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\media_1fbe27ceda148e90b1a869766a19fbf743b5d9f9b[1].png	[none]x[none], YUV color, decoders should clamp	6908028CE513CF5D88FD2BF5EA6E7D0B	2BD65F8E03099133B745E75849AF230D2F78BADB	315800580F91BF51FC7B674FF02A0981668EE6B9363EB119BC274479D32B6135
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\p[1].gif	GIF image data, version 89a, 1 x 1	81144D75B3E69E9AA2FA3E9D83A64D03	F0FBC60B50EDF5B2A0B76E0AA0537B76BF346FFC	9B9265C69A5CC295D1AB0D04E0273B3677DB1A6216CE2CCF4EFC8C277ED84B39
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\premium-badge[1].svg	SVG Scalable Vector Graphics image	AC213C9AED6D9F97497F5F3E58B862DF	3695F283B1194AE0E52576C5E4E37BFA1162F377	12B7C826926477E07EF2BE4939FFE5978DBC55F7414E84202DCE3595A75BCE0A
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\privacy[1].htm	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators	7BE072D70770F73DC60E6E09A405ACF7	7932FD89B02EC701EB0ABA30E95EFE8A28065CA6	6EA10BA72716954B9DF2ED0A4C99CC5BEC0BB1B7CF933FE63B4BF3D743D0C1CE
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\rbi5aua[1].js	UTF-8 Unicode text, with very long lines	D464D0A61D4E34F4C431CA31D0F7E6E8	73716727BFD77BA586E907A9FFC33FFC39CA73BF	29B51B31FAF8A954EC0209189E1A6491AFE94CBE50D1E16679FBA7561AD2BC5C
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\sparkfavicon_v2[1].ico	MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel	79FBE30FC79A42EAA8A32DC344959E0E	09AC6EE75F9686BAD2003926C5FA8DB80777E981	01F2FA23190A55B0B5F9DF0E0B66E23D136B7701BA3CC9A71FDAEDD409D92345
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\0W10PBUV\unsupported[1].htm	HTML document, ASCII text, with very long lines	E5CBCA1797F47CB380B655C22AC3797F	EF32CCDC4917B675428E738E0766C533700E5C5A	184A779A82844FEDFE0A06ADFA4A2DA912AC740A64F15B17A3A02F9EF8972EBF
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\7a5eb705-95ed-4cc4-a11d-0cc5760e93db[1].js	ASCII text, with very long lines, with no line terminators	526B16D51BF2FE4666A13EC61ECD9C72	DC53861E92C2891C0138E64DB9F7AA6B3F8D2AA5	717CDB76535A04A9DEC6F2F6773475BE9574AE304CBA44F7E1A56CB26037D85C
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\LawEnforcement_72px_lt-gray[1].svg	SVG Scalable Vector Graphics image	203D2596591DD98304B03BDBCFE7948A	145A9AB021FA39848CBF9E95DB7132554469934C	F0F7F1BB8276F731235B5519886DEF7081CE2AF2A906567888F5CC1F7BBD78C1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\Privacy-Image-1-1440x340.jpg.img[1].jpg	JPEG image data, baseline, precision 8, 445x300, frames 3	357C45BE36FA0CE8E2CD561773C30BDA	1E8A908D9D14AAB718B48CF4CDD59267021ED235	FCB9BA715B4E111C01919EE7CF40128753FDBCE86DE4C68773AD951A15F5D78A
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\RC036830be72f242959c7b9ca66cef0c85-file.min[1].js	ASCII text	C3227D3B12693BAACF400A5433937584	3517AD497A87EBB909D3060CB67EE179424AEF69	B0C9DF48D4E25F293A62DF986B6120EF3C9CA942460A2BD6D94484CB09C4DA91
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\SPRK_white@2x[1].svg	SVG Scalable Vector Graphics image	A29E0C074D7C5E3F6A54CE20C5FEA0AF	8563F7581C1939067B4AA354E78341BC46BD9E1D	511C77BD64C8D67BE5FC38F107B5005F32F38386A8142CE13753EDABEDD50B86
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\VQ7VQOGF.htm	HTML document, ASCII text, with very long lines, with no line terminators	001D8E7CB39FFCD62CB33BCB0CEE44B8	356AD556EF76120027FAD46377485AAD0DDCB8FA	31FFA6BAEC76D65C7602CAADF6E772C68CD393A3EAF290E041C3507EDE90D4D7
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\arrow-down-white[1].svg	SVG Scalable Vector Graphics image	65C98FE770DF88672CDC4286AB61235D	CD8889551C6FCC6A9B48D63F311019CC24DEF75F	6FCB3483F32434F91E4BA90A5A728AD5AD1C402A4929B991098B5FCFEA4D2F9D
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\base-fonts.gz[1].js	HTML document, ASCII text, with no line terminators	1C75FB60A6530DC7F95725DED413DC13	A6F43A1C5E1039C212879090EFA6411008528FAD	E99BEC104ED648FAB6ECA0D41AB2B793A05E6A3305B24483C681C5BD5CF5C325
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\browser-icon-firefox[1].png	PNG image data, 126 x 126, 8-bit/color RGBA, non-interlaced	CB5D8684D59755A275761D3FD5A3DE21	F69AB8011CD09A7A77536F8C227CE05981DB7791	180764AE8307B091F22104F366FAE7830DF994763C613977F4F3EE70D194A695
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\cc11c7a4-3395-428b-9d98-bf562dee9fff[1].png	PNG image data, 1024 x 404, 8-bit/color RGBA, non-interlaced	F46F0FA3B27AD3A40BD275D74214552E	4F1BFAFF77CBFF818A3EA009AA9FF52661310BAA	808D8C4E0482AFE47912D8E2A5540D16225CF1D901BE275C0AF24B67937CF9C0
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\d[1]	Web Open Font Format, CFF, length 58640, version 0.0	AB2058631920729DAEA04A14330239E6	75A3B6A23B5827E1846CBE040E40EBD6BA494272	2E5A6085B998F5B4EA3EE7B2FF61C59F7A7D66F22166F49029EB42A45793A220
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\d[2]	Web Open Font Format, CFF, length 58140, version 0.0	5BDBAC45C303FAE0D497E3EA06A27A7F	1816C0EF35D230FA3A177E9F719BA03DEEA73B25	32CC0B7A4C262A62A171D801F5B0EB36E8FD320B0D10D81189F6FB4F43894621
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\d[3]	Web Open Font Format, CFF, length 58264, version 0.0	E81C892E355CD99A8D3119D358ADA72E	F1267F500B7DDF4924CF599E8B53F4B389BBA362	714DEFCA2714E79B9293FCC2468945C0AAFDB11D2718BC623A5C974B2A56A5B6
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\d[4]	Web Open Font Format, CFF, length 46708, version 0.0	56C4BECEB8718DBA19272C320458617D	5251C59F6956B0EA50D9B4A21992B869772A0AE2	E89CE18105C28942D113F667B17D952129C0B66D3101DF0D38C18A42DDED47A5
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\en[1].js	UTF-8 Unicode text, with very long lines, with no line terminators	64260D8365E59085E6E91E554487EB6D	83272011769DF702916D6DA5875591138F616BDF	194D4EA20F2C9834477F36A1A9C307F86C1E833C79420637C3CC42A17CAF1870
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\favicon[1].ico	MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel	79FBE30FC79A42EAA8A32DC344959E0E	09AC6EE75F9686BAD2003926C5FA8DB80777E981	01F2FA23190A55B0B5F9DF0E0B66E23D136B7701BA3CC9A71FDAEDD409D92345
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\headIE.fp-f9e44dbeef5252f4d02c4ed9c4b6a618[1].js	UTF-8 Unicode text, with very long lines, with LF, NEL line terminators	F9E44DBEEF5252F4D02C4ED9C4B6A618	6EFF709B896F31AE0F73C4F493DC081D51771F20	673875DD89E08974EAA386C2D7DF3F510C9D012E0DF65138347DD739F154EB1B
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\icon-footer-twitter[1].svg	SVG Scalable Vector Graphics image	41324C2374C498667DF60F5DB9ED29BC	E1D68AD0BCB242CC76D34A7D71C78ACFF9F25EFC	1C48D8EDF7F69BC479F00DD25EB2399DD2BF6F0AA3BF128089B0A7A1D8958D5E
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\launch-EN919758db9a654a17bac7d184b99c4820.min[1].js	C source, ASCII text, with very long lines	29B0DCC1B3CE7A8D33943ED3C1E737CA	A76F1F2682837FF5F8CC1D96377C17964D19488E	A0AE50E6CE6BB2E728756629507BD505142A305EA2D7CC761C0F8F8F9DE39E87
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\login[1].htm	HTML document, ASCII text, with no line terminators	4DF893C096E968AB098632EB452A252C	0ED4EC3D8D81E70B9D1A9E6E7883FD8E22377AEC	668862C1854D47A4B178217DEC164025A2A4B1F45CC1409B9D02762DA50878E7
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\login[2].htm	HTML document, ASCII text, with very long lines	4988454B1A3554BEB92EC9770DF5B61D	400023351BA1665AF1B4C25D06BA9991C537EB2E	FA3E5AD84C52163CB5C4AB41CE35A945CE9336300718A9C9983DE05088DFB801
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\marvel-ui-faf07216[1].css	ASCII text, with very long lines, with no line terminators	9B374CB80282B92896CA0F5BFAF07216	B31941ED10E9E8F193F5DC53A82038176576B2A1	D80D62755CC96593980D61D32B743B30834D3DEF42E152168000841F143ED8A5
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\media_10135ec5cad0e192875b8c4d38367486cff2f8bc7[1].png	[none]x[none], YUV color, decoders should clamp	4EA608D017AB425AA8F519692D4BA62A	36F01AA33FE14613F71923E9FE5B8F67B071E26A	8647E45D46B91B110BB697FC3030BBDF26F86B1694654BCA025F41C0E80C107D
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\media_101f95855e967721bf3a66e02d5c53da102e51674[1].jpeg	[none]x[none], YUV color, decoders should clamp	D429C48D851C6A5FD97402FE1ECF4792	1247216ADE627ED5F346D0C09F707A11B902FBF9	2F6C56593996954A745B48834D9914C2D00BF0236C51BADACDD92C9869129402
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\media_1086fd2a59b94c30b4908a573dc0dee6577320e1f[1].png	[none]x[none], YUV color, decoders should clamp	C03791504EEAD41C916479068F7180CB	FA860BC1BB755161338EEE6AB9F0274657C8FE6D	67577C133F767FDEEB8C6E5ACDCA36FCC1D3FBB7BC53D21E9CCD937ED06D6B28
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\media_10937001f471d8f9b59f9756cae4bf971e62366a8[1].png	[none]x[none], YUV color, decoders should clamp	44564749B02A8D1B77A36771A984EADA	9D4CFBC4080450CEFCE1FBBDCBD6B86DC7055182	B5EABEADACCA5755C7238E42A0C1AC1719411BEF4A75E7E3EF059770810950B6
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\media_119fa8433c6810e9daf1b00f4e515aadaf1026dc6[1].jpeg	[none]x[none], YUV color, decoders should clamp	EA850821A7886F5CF06FC88418B3D36C	85F9E54C082C066FD376228A2A0E4F9C1B7EDC8D	11F2C079D12E42C4FD013839AD431A40F28D130088FF217328B70412A89AA57C
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\media_11fb5a668e752872011b30935a3239bbf547aa4f3[1].png	[none]x[none], YUV color, decoders should clamp	0A848608D2AA16292D8F563D9EB1D6A4	0F11B1570805475D979C414322EF068D2B663584	37B682FF0028C4BBF5D3FD717359DE7F87E0A019867445B4DB398EBDEF4CBFE7
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\media_124e34d3819ffeb81b5d7792530ea9a99961b1948[1].png	[none]x[none], YUV color, decoders should clamp	1052D0B4FE4E3D6A976E0C0D866DA0F0	1C141848060AEC58146088BE62CB390B94B84A01	98DB8F4F2D6892EBBF1B22663E02F4BADC8882CE22D361C057BF0456AB7112D1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\media_12cf6ece47212fe7f4436d270c236898bfdff65ca[1].png	[none]x[none], YUV color, decoders should clamp	F21D438E8534BEAACBE3A60B9ABEC0D6	9BC71FB425CC40695397A7FE371FEB8AAA2C6AA9	98B20205EE4277896203FA482BDFFBE46178E03208D42A662F055AB79034CEA1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\media_12f25246ef43123b4685f4a829d1afba8e4a646b1[1].png	[none]x[none], YUV color, decoders should clamp	FDB7A0E70AD1278B121F752914FB73C3	7DA23F1E586B1EA4B12418BA3730BF3B26240FD7	4F95CE6CDD0362E9C563F8F8739C82ED4FD08A909D43CD6583F44370EF94D56B
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\media_13162a689b7729ba1d9ae15bb5bb07cde29392f4e[1].png	[none]x[none], YUV color, decoders should clamp	FA02014DE3D97AA41DDA1E45C5477AD5	D9EA00AD0DCE62508D0A932ECEB901A1B79110EB	095E1E76955CE2082BC565151D5B3FD144658B9F18F164A0B59E28CB5ED81A68
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\media_13f42f554dae61fb2c87c959ba3208317bb5507e0[1].png	[none]x[none], YUV color, decoders should clamp	16667B7A0A947BA132EE07695FBFE064	2862AE32B7815D0EF1A59B6D5991618E3C62E74A	1145213435965C31D4B56341EF55D4B24BA935AC7647A3E5A2C3A41B9E75BCBA
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\media_14abffd21a7d6097f1e2ae3f31e97c67849e1d60a[1].png	RIFF (little-endian) data, Web/P image	2678D0BB8ED0533BE22F7D0CA737042B	D71AFFB93796AA39093DCAAFCCD2F460F25F4B69	8E98B9F3035D76189B158B585694058FEC1ACF935028BA2F321025D28A6A8129
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\media_1634648ec8e96f938b7af9d04f6b33dd47639079d[1].png	[none]x[none], YUV color, decoders should clamp	0BFC76C835AC811DC2DA141D6B5A29A2	CFDD383500A5A16B55D0277CA018D787ECB0C3E6	88FA63967AB0D4E7C9EDB61E5BAE0251F0B54CAA9BEDFAD1012358D3D705A577
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\media_1810494ba8a85a4e63330c695fed8f89b5fe7a539[1].png	[none]x[none], YUV color, decoders should clamp	ABC71D510C648ACC781FE763C67BAF38	34F2428D1CA96B7B6B8C956C10D00EE28AC42DC4	A9410090BD0C03DF5DB7FED463F4AB0C821029E2A54CB8F5C454EA35F7361D58
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\media_18213dc89b86cad2ba1ec4d4d422be8ddbeddff77[1].png	[none]x[none], YUV color, decoders should clamp	3EF437420507DDEA237643058194827A	E6342ECD457C545BBEEF97D3D1EDEB743B60D295	42BF6CAA029E18AA42360773590164C56E9BFD52A1C0E7A178D64266CCC2DE6C
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\media_1942b8dfa3fbbe527b5be1e94d82f53fbea6204dc[1].png	[none]x[none], YUV color, decoders should clamp	98D84D379B085C1A12991B52C780B977	C4E555CF3F6C9D88D5DA54F5FAAD6B83E11B07B5	838FB7F888311DD318D82F8E101B1431A705CF3255F94B54812353CE9349E470
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\media_1bb9f1a0edf3462d9562f6f244d0f5b6384f6f52e[1].png	[none]x[none], YUV color, decoders should clamp	F60ECBFD066BE3BE2EE79EF270D558C3	DAF9A9B6E6BBA2EAC80B93EE28F4BF99858C958D	67087996A52DC621CAB6B7699C79121BCCE99C01641D906375D632F681F79583
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\media_1c49f1e6fe15805a0bcb06e3f3bd77ace97c16f0f[1].png	[none]x[none], YUV color, decoders should clamp	4470ED0D4F06EEE579251F03C19CA644	4012B65018697A5BCB74366CA018E2D4EA49A297	8E36339D3C5DAC82836A617CAE7AD7BA04919D73C5B32584FB48A2380423E6BF
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\media_1cc107ba3f6747d506e66e78ba351a10e1ea52e50[1].png	[none]x[none], YUV color, decoders should clamp	FFB2F4DCD04A384C98B2BFFA0800EF35	DE082F25370B4BD789E739B1B38299FFA45EA17D	AB9842D8F4FB826A1D6BDEC61315B0614F0B274F12EE41BBBB9F5FC1FB86B985
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\media_1cdeb1f9cb9561fe82bc565c32db4b1b730dbfe10[1].png	[none]x[none], YUV color, decoders should clamp	73BD29F0E29083B2F40BD79BBEA99AFE	685A38B5D01C1A5E53B21C166964AB86284F27C4	BF6BF34BC41671E0CF04AC6E3611CB2B781B12184CB694BDE2B8E8494FE6D165
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\media_1d19f92a3efdead52618f4707fa8f2fc6b2fca809[1].png	[none]x[none], YUV color, decoders should clamp	A15D253E770CCB02D8C13B28AA439E62	58C054F4D73CBAB8A81B53C9DD29C7BF52880691	CCFEE07EA88461FC51CE8EFF947B500304C707EC38C45DA1F595E9C283B2A682
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\media_1d1cd9f4f52ee7cd0886e8fde08f4157e1756841e[1].png	[none]x[none], YUV color, decoders should clamp	9BE513D1D1EF7881B749103564658A38	69DEC5AC6B1DB57E6C7979FF771391E13BB689D8	C46F2D8C9678C20CDD1456A671ECC328B88B4140F4FF5F30788E4DFF4E681867
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\media_1da184d25b31249c37bc324022a8a9b7cac374412[1].png	[none]x[none], YUV color, decoders should clamp	59C331BFBAD3C2EF6B45378D2DBB9388	E014312EA61EF95CC7DF1867B324A9253509762F	B67B9473503BBD8CB7B06C9B54F315E99EFB8D15312B05E699B5C9B56D2C85DE
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\media_1e39ae16b1cc3a98c149baa1ec6e5f9ddd9d80afd[1].png	[none]x[none], YUV color, decoders should clamp	CA1DFBBF3AC421BF0E616E2BDB333394	D1FC80B6E0E86509D6F73545F2681667E87DEAC2	DD6BE9B00F425848C5EE792C9082E459A6F01365CFB23226E67876E05AD341E2
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\media_1f32be53e4c9aae4eb853ad4ef058c861bf97a4d6[1].png	[none]x[none], YUV color, decoders should clamp	977D1B0648E51CF1E42BC2C3925CB52E	351AF416E28BF5BC432716AE38A29E3D0A9D016C	CC05CF404512736230739038981A9FA6D987AAC4C5A71EDA0C0852236CEA96FA
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\media_1f993e61cdb66f59a3b561bdd8a7b091beb456077[1].jpeg	[none]x[none], YUV color, decoders should clamp	C25BC4B7112ABDFE0229568AF11B5285	E6A28D126F750643EBD5152F7B22ED6B1C345F54	98F95E3A1348C2104A63C06E27EF45218FC47A5B4E59BA2F5F47875B8E438133
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\onz5gap[1].js	UTF-8 Unicode text, with very long lines	DAF93A792133E2F3BB29B04E819231C5	5597BCE352A8B04E573CCECA126EB4912C626A9E	1B586E639CBD3E2276EB3A1DE829E913806653FE43D5C19A7ACA128A43DC69F1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\onz5gap[2].js	UTF-8 Unicode text, with very long lines	DAF93A792133E2F3BB29B04E819231C5	5597BCE352A8B04E573CCECA126EB4912C626A9E	1B586E639CBD3E2276EB3A1DE829E913806653FE43D5C19A7ACA128A43DC69F1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\organizer[1].htm	ASCII text, with no line terminators	580A7ACDCEF4380F0D805227BEE8B5A5	E8F88656955C9BB5F788587E2F7BB8E936B5A39E	D153238766EB74073E2497DF5D37EB9B37172485F36981A702FA7D8483CF03AB
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\organizer[2].htm	ASCII text, with no line terminators	580A7ACDCEF4380F0D805227BEE8B5A5	E8F88656955C9BB5F788587E2F7BB8E936B5A39E	D153238766EB74073E2497DF5D37EB9B37172485F36981A702FA7D8483CF03AB
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\otSDKStub[1].js	ASCII text, with very long lines	E72DDCAFA303FF93A0E0FD6B4E335633	0148771023BF66CAFD35D8F35881A196662A71DA	1DD4C3F1EA5B28CA04D4F2391197C4B57EF93D2D79CA0656BF6C5D588408E325
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\p[1].gif	GIF image data, version 89a, 1 x 1	81144D75B3E69E9AA2FA3E9D83A64D03	F0FBC60B50EDF5B2A0B76E0AA0537B76BF346FFC	9B9265C69A5CC295D1AB0D04E0273B3677DB1A6216CE2CCF4EFC8C277ED84B39
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\p[2].gif	GIF image data, version 89a, 1 x 1	81144D75B3E69E9AA2FA3E9D83A64D03	F0FBC60B50EDF5B2A0B76E0AA0537B76BF346FFC	9B9265C69A5CC295D1AB0D04E0273B3677DB1A6216CE2CCF4EFC8C277ED84B39
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\privacy[1].htm	HTML document, ASCII text	603135FFA99C99EBB6FFD7EF15DA8695	23A1A98130B2E61338488568BC33668B74D13760	64162C4EB0A1C365FD77EF01458B6C7967AAE790E3E41ABE18ECBF7C7D210439
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\rbi5aua[1].js	UTF-8 Unicode text, with very long lines	D464D0A61D4E34F4C431CA31D0F7E6E8	73716727BFD77BA586E907A9FFC33FFC39CA73BF	29B51B31FAF8A954EC0209189E1A6491AFE94CBE50D1E16679FBA7561AD2BC5C
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\resume[1].htm	HTML document, UTF-8 Unicode text, with very long lines	B5E54419B7EFEED6E4754663FB34AFBD	2D50AE237D8EA963A9FCA1DDDB86FE9E2299E799	54E61AEB95BE92C8F60F4DAA3EEF07C2F6DB0E927EEC0CCFCDF6DAA42C9AC73C
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\runtime-prod.gz[1].js	ASCII text, with very long lines	B0F0C32B9B49DD909CF36FDF4ABA491C	4DD35EEAA3B72879BBADED3E25109983EC736214	FAF1701455C322D60D4B5B27832D2430EE3B9C3D6B52D7771B4BB6F224784540
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\runtime.gz[1].css	ASCII text, with very long lines, with no line terminators	413473DA67E4B51BA0944226E77C3F56	D8A80CE0CA07C5A65D9FE76EE6A5DB3D68668E78	630DD73CC8AD2A52615AED23D16CAB6F05C1307655414D4EBE97B6E252302A8D
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\s75114678598274[1].gif	GIF image data, version 89a, 2 x 2	AD480FD0732D0F6F1A8B06359E3A42BB	A544538683A2DFE574EEB2E358AC8FCC78289D50	A1ECBAED793A1F564C49C671F2DD0CE36F858534EF6D26B55783A06B884CC506
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\spark[1].svg	SVG Scalable Vector Graphics image	907B6C4171506C79784218007A40BA44	439E9CAF7CDC5B93A3CA412EC4EDA6338997644A	AC0A282DCE35E91B761D9E69142973C44CD495E468434DCF1AD249F498D00788
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\spark_logo_v2[1].svg	SVG Scalable Vector Graphics image	7AAAA0B29E8320F055FCB0A8D8A9686C	812CEB49C501F9EB444AF3C8DE86D6B61D052024	00E24734BE21E153DCE4E51E078A05D9A191EA74185D225C4A27B4434E7A0578
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\styles[1].css	ASCII text	50ED2FA269F431C0A417BFE9FDED33E2	80D79B3245378859380B393629721F306FF7924D	3DC5C5C6562569E53273584B35FFF491E32E2E5F37100A21B2BC488F229A7EA7
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\typekit-load.gz[1].js	HTML document, ASCII text, with no line terminators	5D83D0AA1685849B1ACEB2382FB6BEF2	496F8CB19AAD2E89C4748729BD096CD69C96F79E	7DACF0B95D4AFF38FE7E25986827EFA6A5C9B1B180C66DAA7D61CD2F862FDE1F
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\MEEXW4H4\vtg4qoo[1].js	UTF-8 Unicode text, with very long lines	46700293FD68A3707BEAF54E63C4D9A8	5F1130A35AC5C767DF52A13CC14D412B0A1CC0E9	413B5751660E454D49C8430CBD09054C97E7B0560660B14892FF6048E4CDDE46
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\SPRK_color_hover_v3@2x[1].svg	SVG Scalable Vector Graphics image	E9D94F821371E183B8B58F618B2FC161	792948E6A17CF091CCDC329A09EE22BF1A1A9CF5	AC03A140536DC39782AFA5C742E10515D20C24DB3152DCB04471252C856B7FF4
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\Security_72px_lt-gray-01[1].svg	SVG Scalable Vector Graphics image	82139CDA626B6F7046B190923E4E1678	CBEF7F51F834C6EF8197ECB1AF9F7C1C1693A44D	12E03ED2EEE83C341A3DE969B11CEED1849891C2775434A06438EABFC66CCA3C
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\b0144ce106c1cac7417f378d6bd1c1e6nbr1622136582[1].css	ASCII text, with very long lines, with no line terminators	BC8C37EE2DE97FC7C474E4A71CA9E8AC	C0E1C604E7177B0709FFD94A47A07EA9801B34E4	FB6A86BC427B496F8B77431BAE5DD3FA28D8FE4B41A77C0997D8D902A36C7246
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\browser-icon-edge[1].png	PNG image data, 124 x 124, 8-bit/color RGBA, non-interlaced	096DBF8523D015FB4295051DF53A52C1	7BB34828A6AB6CB2E6E418ADFBEACF189D07AE3E	0E95127D87D4498950215D4AD1BAA56BDE661E9DC7BCE84F8249594FBCECC727
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\d7HW4UWRM	Web Open Font Format, CFF, length 66508, version 0.0	49B061D6468547558176037211AA630C	B02FD5987ED77AF837699BB13C7E838018943423	F89C62C68380B4BB548E4E24E284348FE9E98730F54F7E0C8942F6AA3BE9DA37
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\dBVE3H2UF	Web Open Font Format, CFF, length 66304, version 0.0	9E6E819AE9D8993A2B10353EFF16497D	1410161D0CA8CA3966897CAB50E45A14B721C056	81B4B3BC1EFD4F08F212308D9727BC21A40E38B5464B6B25EBDE1B2E24D13F05
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\dF2IW3MDL	Web Open Font Format, CFF, length 23416, version 0.0	334521D5C314F6265FCA189A2114006F	F35719EE30117ADF919939AD46A98C9D3C6EEE45	B4D011E6CF7EBE571E4D0C9868CD972592987E13D5BE3DDBB69C67638323A237
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\dH6GBMSR4	Web Open Font Format, CFF, length 67148, version 0.0	227960928668E1D655DBAAAE5FE23C11	128EF93AB71A18BA1DB0855C165D050ED8702037	DFD5B4454E0BEF1EBBE0940DFA3BFB117BEE9E3DF150FA55BE633114816E7179
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\dSARERLI5	Web Open Font Format, TrueType, length 25284, version 0.0	3A472B1A078B7B653C744CC55FAA5219	E9949514223E35D4A1E0515A312EC3664DEFDF33	8812CEB05FB855A78850BB1907BC621FC487CD6D54760AC8D821D760D3BBB9E3
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\d[10]	Web Open Font Format, CFF, length 66740, version 0.0	02BDAC466185E4E1161BBFAB2C066327	5C0C5E8BDB41694C8AD5605D5C1FFF7EB0702EBA	AC44BE8F65384DEF37D9091D668E54A4B79AB6A3156C5D8CFBD3268BEC558971
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\d[1]	Web Open Font Format, CFF, length 36068, version 0.0	35870FDA65BBD420FEDAC45D4CB0F5C9	A9F5393402174551A2FF00C9C20739B82E138C53	8792852FC7DE9DE854131ACAD09CB7867193BF1F175E83D7EE55CF0CE9E35EC2
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\d[2]	Web Open Font Format, TrueType, length 21964, version 0.0	25704A0DEF6040D9ED167F36D3F28242	FBB0D647FC706FC8867EF28DE3A03BD42FA7BDF0	246BA9C4AB21AC5BB04019666F63AA321BD893478FC4DFF77B25C86FBB5BF36F
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\d[3]	Web Open Font Format, TrueType, length 20540, version 0.0	F7DFBBC4491156A7123A80DD7F9A1AA7	643F976CF7504CBF212657C25BE954A73F7F3F04	6778F1BCD6798ADE72372490A2BC16AD9BE3A23996E86878AF0C8F429B429CB9
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\d[4]	Web Open Font Format, TrueType, length 19972, version 0.0	8A4B72CBF267D80FA1AA077748D6F386	BFCBD9749829EC32F8E92EDB67B2103A2B693FCB	25847A66D07866EDDEA20934F252A9D9FBA7CE24FA9EB0A60FA3F3056182B93A
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\d[5]	Web Open Font Format, TrueType, length 22376, version 0.0	74B4BA34F532FC0C6C7C557A65B733B6	CA3CF7110DF3502935D79F055BFFE00A55087C3A	58C894C70D7848BD09B94AF1754E5532DCAC4189ED48F9AA3AB5E1ACEF4376C1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\d[6]	Web Open Font Format, TrueType, length 20720, version 0.0	185A2AFC0935C94FBB5683112A905CE2	4EB450182B9C658C6916CDDED80D3922E90DDCD8	F81CA8209A0526BEF58A70CF4288A1B1F8A02D8B1F7F8E3BC4B8A179323A1DFD
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\d[7]	Web Open Font Format, TrueType, length 22492, version 0.0	A2CAF0BD8F7084A90E2053AD61157C78	9E35E2810DCCB3C791CEB2818B16EFA9328C307E	6537EEA8561F3D0903E4CAABB123C0AF961A09218290C678285B7C27ED335E54
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\d[8]	Web Open Font Format, TrueType, length 20932, version 0.0	E0F2BB6FEFF9005FADFAA0DEAC9F17D3	5BCF4E553881D43087F31A8B47172F1F695E461B	809F249AF3A361113340A14136F8464AB4A1A23E47B05F71375115E6C23FFC92
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\d[9]	Web Open Font Format, TrueType, length 24436, version 0.0	6D26AE32705F04BD2CCC4DC335F15809	6F67C23951FB9426FA426436CCC1CE1E6FDDF220	6E52D4DF448460F8B6C6C8DC776745BE4C85A9D18981772A89C9876B4E19FB37
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\express[1].htm	HTML document, UTF-8 Unicode text, with very long lines	277413D92033811929CD47E46EFD0DAC	68C1667443FC81CD4E4090F06EA081AB0F924C96	43F75F4934953473B42D2C95824FA5C1800453143F1301BED0512BBDD1FC91E9
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\feds[1].js	ASCII text, with very long lines	927E6FA55AB244AC1E006C884AA8072E	0B6250B58D417D761F085917E7D4A93E00A2BA89	47EE874D27CF6862C03E07A1A384334B5BF07808B73013F7D6172F004E63A028
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\head.fp-00a38324dab316803fdc74cba4ad7ab9[1].js	UTF-8 Unicode text, with very long lines, with LF, NEL line terminators	00A38324DAB316803FDC74CBA4AD7AB9	75321253B2C91E253BF2C775B589B2C096AAC1D3	0CCDD4428614FDCEF969060F2ECC4EC6FF99FEFB968A49B4C987FD4506D33C81
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\invoice[1].htm	HTML document, UTF-8 Unicode text, with very long lines	11F3C674241BE29DAB4CB22AA41E455F	219028147C444A7BF89B1E4A1BDA881929463245	FFB962CFC103A0E9DACCA49FB573635F23181E074D1D1F5802F2A12874225F72
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\login-bg-thumb-1[1].jpg	JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 50x33, frames 3	A7B1798CC2647C575129083BA0B44B17	ADB860A1E675C0FBEFB38A955A5DC4AF9A025B01	08F9AB3D41530F3E9D8F0780EF1A92F35ED821B5428E6B3C29DDB162F04818FA
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\login[1].htm	HTML document, ASCII text, with no line terminators	73CA2C624770D1F40A24AECE58118E5C	FD8269E651875A5E4B534122C156FF710CB1AF0C	5FEB6D12A4635F78024E5770685A05CA419A146721A40FBF24735508B79F1718
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\main.min[1].js	ASCII text, with very long lines	2DFF659EF77A2D4E7D76BF2CFC77C59D	6852E5A30F3186122B4CE704DA88D6BABBC4A8A3	4CF1ADE01D47C67B3312F6750D7BAAA76C1CB0D1384FF654B255DE1A859DE959
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\media_101f9727a1033fb5ac3d46e6b69ac11257e19c86a[1].png	[none]x[none], YUV color, decoders should clamp	1BA5E77FD1D38723D1A8FB1CC22CE46C	2FFB84FB8F991F5CFB5AEDDA8A31452F7DAEB1C3	C26664FBBA48E40E6B728F78957529F160837B6AB17D02266665DC3D0ECF78DE
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\media_1022d55369c9618986ad93c5a25072f4185e4b63a[1].png	[none]x[none], YUV color, decoders should clamp	CBB822B3610F0F88F63E7CAA760AF243	478FFB41B30274991338A7FA1D271D77D08DC2E3	2EEE17EBF0717CB72C5F48B14123ABFE9406C6D90BE3A6A9BD6BC778C5700E9B
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\media_102523b575492841801eee551ccfbc5fca141ecdf[1].png	RIFF (little-endian) data, Web/P image	33CB3F22104C1E116E3E02AE915C5461	57AC93319CF9FB85971DBD8273E63B32D8096C66	0DCC444CC2B9086AA89C8EBB3353869AB5C59767D9540464F17C91C17A9484D4
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\media_106afd3797eb2a517c646ebca3f2ca33b6f7cbc1f[1].png	[none]x[none], YUV color, decoders should clamp	F44C4E9822BC37504FD35B946CE4D6AB	DE7870635E9B8B83060048B9A6237E2BA5614A61	34FCF35AB3F931C64AB6B742B954D3CAFAA163787BB9660B37A7B245F8D546E1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\media_1137e79890ce81304b92d7de7a647c33a4dccc5cf[1].png	[none]x[none], YUV color, decoders should clamp	AC4B894929F12B25E4AC637F21948D49	BFCEBDBC9077D935395CE6B55456E3B5CC7BF51B	83AD177DD306C271A7A0103CCE1606099C6901C231FE98E5A5DF2A4FEC52FEE9
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\media_11c0416d7e23b581a6b3ff64a21556c58f4bc48dc[1].png	[none]x[none], YUV color, decoders should clamp	6094E8A642543AF2AE4964AAB300E37E	309EFC83AD0A6829EA53F7759FAACF219E41A055	6EBC7CE5A79FFA01FFC3FA65D1749DAFD0A7153C538223CAD1844E9C3875603B
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\media_12ef5a4e321ffe3e39b878bd58fdee97bf46640bd[1].png	[none]x[none], YUV color, decoders should clamp	E80607AD033E658F1F8758E0EA9722F3	B22616E7B8BB002D44B97FAF251C7794CF2D6E22	CB1F6DB5C13C3F6C381136FC950C25E47E188B6385955CE11FA6F60766B2027E
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\media_139c72bce8c53e0b270c75d5ad9c4256b496c213c[1].png	[none]x[none], YUV color, decoders should clamp	9CA96FA3504B39AC348B124B98DF3797	53E59B1428E9A02A04259E3C7552B9D860E48414	7C40F7631BCDFF95A5799E4D0301FDB168FA2603EEF4AE84861ED0B5E57AE835
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\media_1483169d9ed54a159cea2c7282c24b5a771f38d79[1].png	[none]x[none], YUV color, decoders should clamp	AF496C39C4A091DEB13EBA02B0BC021A	C835B6C3BF70248157C44D0627717EA94146F30F	6A9260E75F912B9E50A6C3571C387BEB7821FE6867AB3FD446A1668347665817
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\media_1487d92c7935ccbb3c949843f5e5ed811950def06[1].png	[none]x[none], YUV color, decoders should clamp	1873FC0F0AF72F35A8F4AA458E20BCCD	B7D51AEE2C660794509896A565F0719B4AE296B0	9F05DAD13A701D1D22A2C478FE6C32110E57994F2C2BB9341441DE85EB413F5E
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\media_1707de0129dfc8f4ddadb55149ab2dfd705e786b2[1].png	[none]x[none], YUV color, decoders should clamp	81485C1DC373C58B7D6B7E09DEB1B1E1	72B68330FE262ED781B97B26746BB41C96F28179	F9FC8250106A68777FF81B1EE71BF189AB67E68CB192275998D728CF79BB1C09
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\media_1763375371cdc365588efa0a63cb3007097c0d812[1].png	[none]x[none], YUV color, decoders should clamp	9256399AC0D88111505FF8915A8238DD	3C07ECB2647AD5A659EEEF581141BFB3E504F2D6	09D13D78877FB6A69B773A92E913B960E7CD9F94572DA98CEBB6EA8D66A655BD
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\media_1775a36e7c0e3e4a36b1a94d39053618d1bc92472[1].png	[none]x[none], YUV color, decoders should clamp	8BF3F16CDC487CE707A270C6F605F943	E41CFB6CC6EE352D869A1B8B4C1FF5A7A17981F1	DA45D15A2631CC685B569795E64811671F1866E9C2009BF08FE89CD3C98F43EC
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\media_17a679af01aefbb64a6df5151c42b14558683b8bf[1].png	RIFF (little-endian) data, Web/P image	B7208A9A26F914E96E063E8978136FE1	0B18AA33D9FF66D2BB3B76883FDD130AAF5C713E	8C29335D71C59F5368B71EF1B51A5FDD970AD9F8968AAE78DC599E8D6BC44065
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\media_18f5956fe507e677844b26f056a31426ee8bd8b29[1].png	[none]x[none], YUV color, decoders should clamp	52F45154DFAAA9768A1AC5A475BDEAF5	B190585DE7BBFEEBBB7AB72213ADD9E90F4BE276	D4349A04E0CEBC02D67615B3FE04816B520DFC3505A348C8726BA85C8606F1A9
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\media_1a3a5d0b4d3b4cdafd28d6e4e2582aa89694802d1[1].png	[none]x[none], YUV color, decoders should clamp	C9423EE557A55FC4D4066E9E4FF39674	96EDEB77035FB98CD312D32D695C42C6CC93E1BE	FB81C10F0ECCCCA81FF7E96950920152216F130CCE3BDC9B38BAB2CA1B152B31
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\media_1a4cd1509b5f28e646261219c740a1a76ceb73f0f[1].png	[none]x[none], YUV color, decoders should clamp	098727CE6D4653C3407EC3836BF44F70	3151C6B9EC678F22A08A7A5664A1E2AEED2B8C10	84E742AE47BB8E493E44BEFACB9AA94F976A38F68CBACDC04EEF4C08ED354342
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\media_1b783cafb2748971aac00c4d44562b56dea639bbd[1].png	[none]x[none], YUV color, decoders should clamp	2E16313469254B0D50CCCF2F6A76688C	9D5F83E7D93F586F1A1FC8ECDBD433D4509E2DAB	8F04B87523C2F1D98238F8503DD85CBB9A974E11CC76B54C37809EE6CB58066B
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\media_1c340bf1a77952c05dc57609bbd46a900064367d0[1].png	[none]x[none], YUV color, decoders should clamp	8CC9A37E3BA7E35B4E47069F769CA281	D60A362BBEFE5FC99CAA7838D6D1A9F6B28BEDA0	4AE2D6C36C788233C27B83694256E0E77D4572793633BEF99C12342CC28999C7
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\media_1d4aca8ec56f4959f04271e33a31858565efbd6e3[1].png	[none]x[none], YUV color, decoders should clamp	C04464C68AF03DEDDAB8E85C8B1577A0	3A08B3F136279BF03AEFE1EFCE89854074D07F6B	EAC196B7C6764555B7158B27B46522A904B62B65C5A71D3A88A789141385A962
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\media_1d9fdd5a9f0a44850f1d4382b18c262e10e037bb8[1].png	[none]x[none], YUV color, decoders should clamp	D88D227EB4294347E04D4795538EEE7B	4086720333814A7EDDBB2E9BB44806E043EF61C7	8124F3C0082F65A439C5C2E0D3C668F2A18C4C776CCEEBC3B614676975B6B3F4
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\media_1ed4c2a2a5130e5f9cdeed32b1221f2e7d8988f38[1].jpeg	[none]x[none], YUV color, decoders should clamp	34A9826873AB6E5600A1AB2014C94A64	F67628E01D5F1DBFA5095BE50B3A339CA7D03E0D	7B9D3091AEDFC9C1F5C85EF03B57CC69F64A7827146648AF315EF53F587AD19D
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\media_1edd2ae4453e3478187f2c8b4963eb73bac41e495[1].png	[none]x[none], YUV color, decoders should clamp	32064E3D3A0F737AA0EFF9B226EB672A	8E534A7077545B61CEEF3AE129DEE31BF381A8D3	1D24F0D3522F75191327F1246EDCAC37EB2A4298BBD101D88B3832A041179190
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\media_1f2ae695122a1df2dcaff5fde4f9cef91748f3769[1].png	[none]x[none], YUV color, decoders should clamp	81FA9EC16744CB2347C5A2FA284195CA	AA86789212C97CB2B46B76A8C161ADA980AE4D5E	3D3172145872CA5A9ACA23A18B091DEACCCC52A46519A7B98B921AD91F7E5280
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\media_1fa045f4d4c047292a458e22d98daf93c380c0e89[1].png	[none]x[none], YUV color, decoders should clamp	97E07C4E505EA91E3E5F1AEB084CEBC7	647F7D477F30570AB273AF6BB18CED6246E66184	23F3EEAA4238B29C28CC2C4BF34287E5AD1A45CD50AF90E1E4F41E74A8C0F355
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\media_1fb87a53f48dd41152fe9155a1522a8a736f0aa79[1].png	[none]x[none], YUV color, decoders should clamp	B851F70BA4F89E5E0598417E717FD636	D530BBA2E4E893D259F8B7979BCBFFD793348615	8373216664102119C808524D3D2D39F59414F3A60545E991F87B4B69CD26258E
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\onz5gap[1].js	UTF-8 Unicode text, with very long lines	DAF93A792133E2F3BB29B04E819231C5	5597BCE352A8B04E573CCECA126EB4912C626A9E	1B586E639CBD3E2276EB3A1DE829E913806653FE43D5C19A7ACA128A43DC69F1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\otFlat[1].json	ASCII text, with very long lines	8352C117A751ACC46F7AB179C088D425	1F702763B6A77ED7129D726CC676FB2E7849360C	FB44400A61EDDA0B628AD2FF62CB5D299FAB4E7A18D586AE7D70481C6C9550B2
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\otPcCenter[1].json	ASCII text, with very long lines	23DEFBEB3F5340E980CFC9203E6D6806	B57B6950AC0834D7507E9F7484B9F05F9E85B012	84E13B47921EE79D3FAB38B733E08DC04CA99B25C1880CB25475C9315DDC2146
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\pps7abe[1].css	UTF-8 Unicode text, with very long lines	6FEB771900764877F9ED7FCCCC9428B5	31693DA6584BC9FAB601AFC35550AEEE6A8210C1	3AC4CEB0885F766CF6E170BA7191315EA1C54287BF0947095E85D1B090A1BC35
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\publish.combined.fp-f5ca45e4601bf2640f1c068ba7d0d0c6[1].css	ASCII text, with very long lines	F5CA45E4601BF2640F1C068BA7D0D0C6	D0CADA6ACAA8B3F54BA6EA12B44A492B2B038874	C03F4D8703613618774ABAF6E7BE5E9281BEC836C574701A7019B0C24D56444C
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\scripts[1].js	UTF-8 Unicode text	B17288A1E30B569809A86C18E9BB2175	C04F72BE58D7D8473718CBF00C7BBDF8E1321519	54F6DE9BE24813BE1C6F8CC2E86D7587E4E4EB6D19A17176B0AC733790145F42
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\spark[1].svg	SVG Scalable Vector Graphics image	907B6C4171506C79784218007A40BA44	439E9CAF7CDC5B93A3CA412EC4EDA6338997644A	AC0A282DCE35E91B761D9E69142973C44CD495E468434DCF1AD249F498D00788
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\themetwo.fp-abc573155522bcda0452e193dff7aa91[1].css	ASCII text, with very long lines, with no line terminators	ABC573155522BCDA0452E193DFF7AA91	EDB2799FBA37BF41FE9C2DC898D4C0650A10DB14	8602171F79058FCB3DBFA67B3DC823C3C49838E89A7D195FE9B1D7D350ABD6F7
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\PSUEOSZZ\vtg4qoo[1].js	UTF-8 Unicode text, with very long lines	46700293FD68A3707BEAF54E63C4D9A8	5F1130A35AC5C767DF52A13CC14D412B0A1CC0E9	413B5751660E454D49C8430CBD09054C97E7B0560660B14892FF6048E4CDDE46
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\Cookies_72px_lt-gray[1].svg	SVG Scalable Vector Graphics image	DC2C21E75D20CE5B00C78499D3B2DEAD	4D507BBB930FA9BDCE35371538B3C6A74549C503	2076A1B099924D72F8B2D636645C5598444CEF873335E9D400CC7C8285CC96A1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\GG8mUEsjQvSUh[1].htm	HTML document, ASCII text, with very long lines	02DF9DD00895D7E0017A343FCD94B7A7	982E84D3E85CCDEAB0C881FB9B5CDCEF3D676B95	B49AD6B8BA2A9617DD8F02411CE66B6579D95DDA2F8D625B946EE679EAB3DCE0
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\Policies_72px_lt-gray[1].svg	SVG Scalable Vector Graphics image	EFB6F897542A02F53A3859AAEFBD7013	1CABA3B56B5AB14798C12C84C565AFE2A28DC2DD	B0AE115BC1ED8A5D8D3FE58E43A43AB6B54ADC35555D38A09BB44B22A0617A78
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\Privacy-Image-2-1440x340.jpg.img[1].jpg	JPEG image data, baseline, precision 8, 445x300, frames 3	5AC5CC8B77615A24CB4A981921EB751D	AEB7E76ABEE2DB25192833AC34A50D2C2A9C75B7	459A34EDCD31C4D24A58F9D8C5E36F092D5AA3A62B70F8012A2DB7C2B5FDD5B0
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\RC6f46e43fa6d44dbeb45cc5801ffded0e-file.min[1].js	ASCII text, with very long lines	103F74C606F9F34DE57CC58D03CA9F37	99371402EBAC0BE88C47272395B7D8642355C451	1F1D00E1E54603EB529B61F2492746AD37BDFD32219940DDDB0D67A77A3A4401
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\RC881683c91a4d4caaa3e05264c5d96242-file.min[1].js	ASCII text, with very long lines	40C9BAD10FAEA7C23A900A7D42C39F05	6F7CF0B00B2154B8339E57490F35D6CEEF2922DC	CD38D21155B241E116C5916D9B01D575932986798A8BAE913CE78F05B976DF31
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\RC89c6d3bd15f043db95a5a0a4b5cc9da0-file.min[1].js	ASCII text, with very long lines	76575E06306C243D0DA748226C412465	F6A56A10995B517CA168AFC262BDD107603593AE	89B268AD62AF00A9016A288026AF84CFC7676F5204331E0FF83A3D6F5688EB98
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\RCa8534599c5d1425b9b1fceaf046699bf-source.min[1].js	ASCII text, with very long lines	A468404B5E53FA4A8F6E26CC11D508D4	EC691D97B30A5A07D5EA977B904F77C311B5A4C0	F3AE23D72EB26BE500F273BD2824D8504B7144E136D76D0C2D73CE2E4809537B
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\RCbb47518ad08d43699044c6ef46f39ebb-file.min[1].js	ASCII text, with very long lines	D17255012C56773DFFA4EFE62F62EA75	AB2B02DE59551F70F263B99240871ADE925A329A	1B696886FB32738D3EB874FC5789084BB433039CEDF1D2519F15E1B2AC1A7421
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\SPRK_color_v2@2x[1].svg	SVG Scalable Vector Graphics image	F858A5C4E786F511FABE5D35DA995F65	DFC968D018C16B8E4853AA17418C9F4302CADC6C	CDA6CA3F0B46DB2E50DDB33DC50438CC2D1C22CF71650CD457912BDD9718A6EF
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\arrow-left[1].png	PNG image data, 18 x 25, 8-bit/color RGBA, non-interlaced	59F99801C29B6F884941AB4E86435815	D434AF60CC81A5813EB3084AEF70B0CB97E6ED54	50E89F67220A83D59B25E9EC977F059AEDE2C1499D401A6331219249F0C54CC3
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\arrow-right[1].png	PNG image data, 18 x 25, 8-bit/color RGBA, non-interlaced	28A18EE67AF8D721211ED08164E72CB9	C643A55A18EF870B88FA1CAFED098A12F001384F	78260D8829368E46D58D02B613EC0C0E19AEE5C159AA4BA255D032D283C30187
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\browser-icon-chrome[1].png	PNG image data, 124 x 124, 8-bit/color RGBA, non-interlaced	5CE8BC0C54510B727656B9750F4F4B37	CFB13C4F64CE267C2A2A67B6EA3076A86308665E	71D9139914C20E72E574633CCD31802FEA9130050AF514736E2B6127061A46D0
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\d[1]	Web Open Font Format, TrueType, length 33188, version 0.0	DCA4F55F778D14EC5C839B53B11329ED	A467C967D419B74EFC0FE8142B4399E3B3BBB083	AF901B92645CD64D10F4AC5059A9C94F6AABED7295425C03694B8C0FC5126655
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\en-US_bundle-6a358124[1].js	UTF-8 Unicode text, with very long lines, with no line terminators	EA3FD08216A1913E940A7061B28286D2	FD656FE57F2637DAA1768EAAB9419A9DD5ABAB7D	FDDA778927A94939339B8FE7B9AFCFCBCF952FA561BD1076115719364E4CC596
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\favicon[1].ico	MS Windows icon resource - 1 icon, 48x48, 32 bits/pixel	B28BF60DD7E50B6DFFD394EBC0F9057A	9EA7EED87B689757780322989EF426AEFFDC8F7A	BF24C9E4D37F94D4BD2F870228FF421CA54B2949DB3391DBD3818EC0E6DB0F5F
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\icon-footer-instagram-grey[1].svg	SVG Scalable Vector Graphics image	3AA1FDA78E24D8147732E483AB53D82C	2F68DEC16E343C8F97E8838A2A97D60C071F531E	FA7FAE8A66DF78B001F3B9DD2BEF5913638614D202E256E9513034DB6B26ED58
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\left-arrow[1].png	PNG image data, 37 x 38, 8-bit/color RGBA, non-interlaced	5CE00C645964CF02667D083A32CEC874	A8D09FAD595AE7DF7A955030FAA21CCC561FC581	8BACF7F9552B5706A7E607F2FFAC2393884D09EDD921B22D8274FEAE33629822
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\lightbox_close@2x[1].png	PNG image data, 40 x 40, 8-bit/color RGBA, non-interlaced	13198D9E24E4047B757E69F32897B19D	868CEB3BDC559535E5E638A9E145F35005AF33C6	2603DCB84908061D1A9E31DA6080328BF7867BFC4AA7A1A9A0FBD25E5942A043
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\location[1].js	ASCII text, with no line terminators	C4F67A4EFC37372559CD375AA74454A3	2B7303240D7CBEF2B7B9F3D22D306CC04CBFBE56	C72856B40493B0C4A9FC25F80A10DFBF268B23B30A07D18AF4783017F54165DE
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\login[1].htm	HTML document, ASCII text, with very long lines	8D49F21A7A99CDCBCDDB2AC82D15B8A8	11DB305B81207BCD83D95C2D3531FF004BE37457	4C7160D9597E89DBCC9050843F7C9B77F8D9210C27319CD258B62411BB2256ED
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\logo[1].htm	HTML document, UTF-8 Unicode text, with very long lines	B940B432EFF3FA19804063B41F655D89	62128D1FF78DF5B506FE7E1EC64B5884B35EA6C8	9869B83FC9DCA1DFB8D3E7E4744C2984EDC273B8754ED798DCEFA889E1998900
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\m-web-77674361[1].js	ASCII text, with very long lines	955B1F89E50EADB1F60A07A7AADDDE20	3BF38310C308B022F5720AEE9903ED2C52299CCC	64F06C5136B1C8B451D30A95C680811220EA7F3F0B825309CEE7F08E249214D4
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\marvelcommon-51100480[1].js	UTF-8 Unicode text, with very long lines	48F849DA6F644B576196923A27236F15	8D47A27FA948519768268ECA970AB6487771A287	15DA34D198A8ADE100CC1A6047F99FC87FC7785754E8E1A39A49F06F5D5D5873
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\media_10c5b0e0381728162d8b366adc11d637c97374b24[1].png	[none]x[none], YUV color, decoders should clamp	58272D541D2634C527BAF44C9F639384	C5C6CBC93A569FD62943FD680D35631C3D19E134	443F535868FB697A86587EA63A345546005EADBB7BEFF67DE38DAF68C4CCEF6D
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\media_11aafb163b677440f9ec0629d83285ca4b9242a86[1].png	[none]x[none], YUV color, decoders should clamp	17A059617671AD5F58BF8061CEF18003	9B66601377276C135D0AA425DA3EA66E1D6F1FBC	37D5266D1C2E2CF4632A7505B552B42C35E72CD70BBB54051FE95F269BEF4A28
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\media_1235336d551d49197b9e2b3a6bb68d4323f0b71d8[1].png	[none]x[none], YUV color, decoders should clamp	C286185F0A4BC20981D73522ADEE257D	64581F265B1BC39AF91387D88E3798D2C0BBBBA1	40EA94D7E470E52164F498AE03DD415D1B0145499DFBC6EF806752F873A89CCD
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\media_12438f0ed5e015acd4f31b04e2a0bfd095e616ecd[1].jpeg	[none]x[none], YUV color, decoders should clamp	7A9C201C09A4DFD3344ED1A558BC9838	EFA2D3D98EE80B2B89A2FC87CD5364BC2934C7DD	03EACA689BDB3B97F0C64ECA889CC949E5E35FBE229759E77C61EEC59ECD0002
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\media_127d8ddf746b3d9b821b50287212a23ace9adf57c[1].jpeg	[none]x[none], YUV color, decoders should clamp	ABE63D471829BCB3AB3658DEF6906867	231AFECD20FB809B6C9774FEA8D0CFA90C4E74B3	0AFF67DCBCCDAC84D25F477D210AC8150C25192216983C10112D4B25E2A85C6A
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\media_12aa7e4bc0022e4439e60c45ad19f273e0b27517a[1].png	[none]x[none], YUV color, decoders should clamp	CF624FF5D26B2A801821939488DEB07F	75F585F9DCDB8595BE6B0E4AD07975FF616C4701	16C0C9C0D76D9AFD82C0D72607576D09C32F146006041B59E03C44A77AF5B60A
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\media_13c3fd217f966dd5d96a90ef8f11a8cf44f63ac97[1].png	[none]x[none], YUV color, decoders should clamp	945BDFD0A258F85C77410E0702E821ED	B2CF90C3F3733AF03CDA97255A526C932E0CF8EA	63BD50DB6AAE3FAF4F4C4776E715A60AFA91C6B07598F363D137B0BB80AF4ED1
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\media_13e8c433d76c80c51904af0d7c2cafd474aee6188[1].png	[none]x[none], YUV color, decoders should clamp	BA7B473A4CE49E2E015FD1E5C10F7803	F95A0F7F5EFE9A22801D53B5877DB75C571F2A8F	C0072B44CA8318852CA29D948951C852AB6D8139D93DBEE7C146297DE73A86C6
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\media_14c1b678d5536b884fc65a1a6cd5a0bbec91f4bc5[1].png	[none]x[none], YUV color, decoders should clamp	0D9FE55C7FB68C46DB715EFA4F23E667	53EFAC440E22E1C9A882FEE68156A979CE3914DF	F733CF1CBC762CF7078A771422DCA4876759843F07C76350A8C0B493E051024B
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\media_14ceb3c1bd84d311e1994d072dbaa4a328918e7af[1].png	[none]x[none], YUV color, decoders should clamp	42366628DF37228A58815FEB86B1BF7B	278B7267CFFB072D45905F82E194D994CBBF79CD	43A5A89D0EC6EDAAA50A04659E0C5C0315618845BCDB0092EEB2819DA6419E64
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\media_1522dd4d72982d1fe7951471e59444ac40eab2255[1].png	[none]x[none], YUV color, decoders should clamp	16667B7A0A947BA132EE07695FBFE064	2862AE32B7815D0EF1A59B6D5991618E3C62E74A	1145213435965C31D4B56341EF55D4B24BA935AC7647A3E5A2C3A41B9E75BCBA
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\media_15d09650d5e287278cbbb8fa05a3f1ee2317ae3ac[1].png	[none]x[none], YUV color, decoders should clamp	582BE8F6D5D5DE3EF766BEED5CC28FFF	1E6800C4125CFCD52D9C350E98C84E6B6F645E1F	63916E4738A118C17A2988C136456C2C27E4F9C785D7F2E408A3B9BD83564504
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\media_164ba32a452ede9f21053d1bd33db8e5bbedc309a[1].png	[none]x[none], YUV color, decoders should clamp	43B5B2F33810AE9A370110B1571DD251	B6686C58FBFABAF0ED75D373A064C2096518AB3C	0132AA208F0F6E35A71E963444EC930EE3BF5A44039B9406EFA28464B2C68581
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\media_1685c579c98b14832047288ff8107734f541b8104[1].png	[none]x[none], YUV color, decoders should clamp	AB0EC9A64E45876B64933579FFE46579	88E624706E165298D9FCDC6F378B6CC3373015FF	FAECA50FF4D1D65168ECF0EF53DBAC7A3348F0EF1063B0C62125DB913C39AA41
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\media_16982f492fe1f0482efad2042470c7917729b8ee6[1].png	[none]x[none], YUV color, decoders should clamp	F5754468679822EA98F123DC5CAD1F8F	5F1F7A7A00C286065307D8A981E75B61390816B8	E0313155A082A1EB297FAB3DFE773E96E920C9D5FEF7C9A05661E1ACC13FB2E2
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\media_16f1a991f9573c3356d30b94d7227685fea050849[1].png	[none]x[none], YUV color, decoders should clamp	C3B92ECE40CE0B9D6DAF610696757073	295F7A21D0293D2757BAFC10CF2A5C26CF93E23C	4C50CE9761C419B9BB85554194F6D3EEE9A8547211B5CC7D0DA23BA3A88BB982
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\media_17b19aefd6de384e08f0b96a3e7a8ffccbb65a8fa[1].png	[none]x[none], YUV color, decoders should clamp	33FA43C97764B0D54C4DEF9864E5BFB6	BC843FF6369E7EB975F7F9FAC59E91C6B5C21F96	C8E6B47FFA136FD71E6DA8A4289BDEC6C1AB311C41D59A5B74A74868352F2BFF
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\media_1872c471a06e7263236115878a9cc98a727e23c64[1].png	[none]x[none], YUV color, decoders should clamp	24B7FEDEB99A35D6DCA481EB7CB94DD0	2E381ACB696B98888BBF1226533D11455F9FE217	0CD5070EF9B6724CBBC0A3E189BCD8DD7F948B9CC983DF10F5B71CFB02774AAF
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\media_19655c70ca20534db7d4a5a7915326d7634b99b39[1].png	[none]x[none], YUV color, decoders should clamp	692CCB0935294C0A0FBD34893BB73DD0	A1DBBA2803E2CEF959B5841588E35AAD8FF3273D	2E1C4BDF5711D8150F780DAB0BA5C418744D459FDA04F78A66BACDAB8CD56847
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\media_19690ef1d10ce326d9fd8530393422c4d2fde5ddb[1].png	[none]x[none], YUV color, decoders should clamp	D036490BC6D67BCFB1748B56F7EDD7B4	805322184A82F7A6356E19816DA53F78B26C83FC	8F5CEF1B4ACDB38AB1F51ACF7E66B8922A0EFF54EE7B9614268629EF2214499E
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\media_1b789978976aaa068321eb8d193edca9c6d7df091[1].png	[none]x[none], YUV color, decoders should clamp	159346B993007B26CFB5C365CBFC890B	0BD84CDDB0E7B8265E0FD2A6F6CCD08BCC758F14	6925260FF59BFFD1F789229D6CC10F7FC5105EDB17EDD577EEE3C9D3099E5DD5
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\media_1bf2152fa9f22385f1f6b2335e89950c4f41189c7[1].png	[none]x[none], YUV color, decoders should clamp	0049CAEF95B2B0EC332613F5862A6596	B64A76B254374172D8211F1A04B26C37A5249E41	5DE43088D29BA089716960F634C8B6DE641A52650EF0D40B636E6E91525F6687
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\media_1c08d5249661d979ecbd6ba98a8f1d111a0b3624d[1].jpeg	[none]x[none], YUV color, decoders should clamp	418BB39EF0EFA3E54A230212A06808DD	B5326D8CC9C4ADED399B66E8AD52A99DC96E50DB	243060CF7F959D686C13E16EEDEF3460C84C36B44633C35472903CFB136441AB
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\media_1c2c6d02cc6b297a9177eaac4e9606440e8dc4d26[1].png	[none]x[none], YUV color, decoders should clamp	7A344806E65012BE84A75EDC171109AC	1342B1714ADD537917D160324DE80C496A1F27F5	805193A212C578C782B70263283ADD607EA14B225BB23B85387B2F59B2C49A9C
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\media_1e440d4fb87a5de1b4b6ff51b1ae37a2f63c40817[1].png	[none]x[none], YUV color, decoders should clamp	D7DC11770DECBFB1E45B3EC05827E4C3	26D620C35237CB9FC1A8673DB04CEC7A233FECC5	2099419132AE52EA9AC501D2AFA724D23040657132D71B41859DE5F159A333D3
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\media_1ead54a0ff6dcb617f31ace7cbdc8d1154dfbcaaa[1].jpeg	[none]x[none], YUV color, decoders should clamp	D20DFF1B37116952CFC7737C12290261	E0BEA1AE67345538B7C0976D6F688ABDD2CF3044	E3B0F61537E04D2EC06FF886ADDEAC2B1ECA2B5CC8951DF5DD2FE12013DE4253
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\noscript.gz[1].css	ASCII text, with very long lines, with no line terminators	BAA266F5BD7729A2ED64E929B835083A	6388FF647E1F0FC306C8CDA8765D90109A26DF15	858FDF50C5FC5B2E92A07EBC4EE0ACA98BB5518455080ADAF3F1CD62575526EF
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\otBannerSdk[1].js	ASCII text, with very long lines	09842127B6FE7CD7FED7BE501A5E0EE8	41A188777AC1C69C98DD0E11F6C30C2F21E02510	6A13B93C05AF6EC6255B737032AA3F5D1F4823ED2D57D12C0735BD2C4ADC8EFC
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\p[1].gif	GIF image data, version 89a, 1 x 1	81144D75B3E69E9AA2FA3E9D83A64D03	F0FBC60B50EDF5B2A0B76E0AA0537B76BF346FFC	9B9265C69A5CC295D1AB0D04E0273B3677DB1A6216CE2CCF4EFC8C277ED84B39
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\p[2].gif	GIF image data, version 89a, 1 x 1	81144D75B3E69E9AA2FA3E9D83A64D03	F0FBC60B50EDF5B2A0B76E0AA0537B76BF346FFC	9B9265C69A5CC295D1AB0D04E0273B3677DB1A6216CE2CCF4EFC8C277ED84B39
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\pps7abe[1].css	UTF-8 Unicode text, with very long lines	6FEB771900764877F9ED7FCCCC9428B5	31693DA6584BC9FAB601AFC35550AEEE6A8210C1	3AC4CEB0885F766CF6E170BA7191315EA1C54287BF0947095E85D1B090A1BC35
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\privacy.min[1].js	ASCII text, with very long lines	61C7F82AA19B0E75200172543A8A7FDC	F2B3B898F62EB1CF2BEE8C53F8F565F75D1FAA57	EACEDC06C67370E790EDCF8169FDEDE20F126A1DA77DB990E1FA8C8BDCCC4338
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\publish.combined.fp-67aad4c89568b23c662905b8b4fd16bd[1].js	UTF-8 Unicode text, with very long lines	67AAD4C89568B23C662905B8B4FD16BD	FF989419D953DFB576C42BF7877EF1A2DB2062E9	468B99DD74B016C5CF578CEBFE98224CE4D27D745D40147B4C3DE328671E631C
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\rbi5aua[1].js	UTF-8 Unicode text, with very long lines	D464D0A61D4E34F4C431CA31D0F7E6E8	73716727BFD77BA586E907A9FFC33FFC39CA73BF	29B51B31FAF8A954EC0209189E1A6491AFE94CBE50D1E16679FBA7561AD2BC5C
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\right-arrow[1].png	PNG image data, 37 x 38, 8-bit/color RGBA, non-interlaced	0521A80DA93DACC1CD2104B8C3828421	D7E9EDD62115256357A5F5DC1BD373FB120F85D5	78DFEED82B27915E2415AD7AB405EBF2D7217F3DCF22005B13D5AF9B4C65C43C
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\s75804779591865[1].gif	GIF image data, version 89a, 2 x 2	AD480FD0732D0F6F1A8B06359E3A42BB	A544538683A2DFE574EEB2E358AC8FCC78289D50	A1ECBAED793A1F564C49C671F2DD0CE36F858534EF6D26B55783A06B884CC506
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\scripts[1].js	UTF-8 Unicode text	B17288A1E30B569809A86C18E9BB2175	C04F72BE58D7D8473718CBF00C7BBDF8E1321519	54F6DE9BE24813BE1C6F8CC2E86D7587E4E4EB6D19A17176B0AC733790145F42
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\spark_app_white@2x[1].svg	SVG Scalable Vector Graphics image	A29E0C074D7C5E3F6A54CE20C5FEA0AF	8563F7581C1939067B4AA354E78341BC46BD9E1D	511C77BD64C8D67BE5FC38F107B5005F32F38386A8142CE13753EDABEDD50B86
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\WJ8I2OL4\terms[1].htm	HTML document, UTF-8 Unicode text, with very long lines, with CRLF, LF line terminators	DEA3D9CE4B53033BC97B82A14AA8B494	C073F7DAD38A8A1CC74F8E43DBF4942AF82D710A	00E63B78181930A260BBB984DCA2A3BEC9187B982B424F7BAA59C7E7BF3445BF
C:\Users\user\AppData\Local\Temp\~DF8227BB7BB94304CB.TMP	data	A6B971C1C0F313F30D2080609D754D8D	9171E9BDB9B9EC895EACC6AD6997EB04950827FA	BEEB9CF8F51B652F6BC64A4C380B9C2046A6357DD9EB68054B5EF66FDB3E4569
C:\Users\user\AppData\Local\Temp\~DFC0840655B7581AA6.TMP	data	3E9E8BED755710BEE96D936B83B16E58	6FEF4ECD397CA44D608FAB6ED1F8DED52E233233	DE46AA0FE819B631DAEEFCF5706D84932B602CE4526CCACBFFA778E2D73E2B2C
C:\Users\user\AppData\Local\Temp\~DFF706A052856AEE8E.TMP	data	8C8E6E9A664D952C86ADEED5C68A6E6E	1DFFA64D67DB4A4D20489D4116D68CB508E87C4D	BA8DCC6350D1EE0D258F30F29602127B53B588CD6FFF7FCEA0E84BDEB873E89E
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\WVUC0OGWOR2XHS4OYII5.temp	data	2EE6B4526D74551328B19299ADEF53D9	70908D6B25CFB6FF9992EF46031E66CC0D9245E8	2B135F078AF7466E135006413A1E529BEAEC4EF27B203B9AF94625227F1347AA

ID:	433116
Product:	CloudBasic
Start time:	10:38:20
Start date:	11.06.2021
Sample:	Tribeca Investment Partners - Funds.pdf
Cookbook:	defaultwindowspdfcookbook.jbs
System description:	Windows 10 64 bit v1803 with Office Professional Plus 2016, Chrome 85, IE 11, Adobe Reader DC 19, Java 8 Update 211
Architecture:	WINDOWS
MD5:	1f514a862d7eb6e2c4952b67a97a4e56
SHA1:	4a4d5f759793397ebdc72679895ef62f6a74fed3
SHA256:	6c796e1a57333bc61e0a45a6398da2393ce0529304b57abc8d22125862a02211
Filetype:	Adobe Portable Document Format (5005/1) 100.00%

Analysis Report Tribeca Investment Partners - Funds.pdf

Overview

General Information

Detection

Signatures

Classification

Signatures

AV Detection:

Phishing:

Compliance:

Networking:

System Summary:

Hooking and other Techniques for Hiding and Protection:

Malware Analysis System Evasion:

Anti Debugging:

HIPS / PFW / Operating System Protection Evasion:

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Source: unknown	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe' 'C:\Users\user\Desktop\Tribeca Investment Partners - Funds.pdf'
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe' --type=renderer /prefetch:1 'C:\Users\user\Desktop\Tribeca Investment Partners - Funds.pdf'
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --backgroundcolor=16514043
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1696,14583101347345561594,418495030725437647,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=18176514141952179124 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=18176514141952179124 --renderer-client-id=2 --mojo-platform-channel-handle=1664 --allow-no-sandbox-job /prefetch:1
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=gpu-process --field-trial-handle=1696,14583101347345561594,418495030725437647,131072 --disable-features=VizDisplayCompositor --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --lang=en-US --gpu-preferences=KAAAAAAAAACAAwABAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --use-gl=swiftshader-webgl --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --service-request-channel-token=14323790637429607960 --mojo-platform-channel-handle=1780 --allow-no-sandbox-job --ignored=' --type=renderer ' /prefetch:2
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1696,14583101347345561594,418495030725437647,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=15500690304138507742 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=15500690304138507742 --renderer-client-id=4 --mojo-platform-channel-handle=1868 --allow-no-sandbox-job /prefetch:1
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1696,14583101347345561594,418495030725437647,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=4408287619177528861 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4408287619177528861 --renderer-client-id=5 --mojo-platform-channel-handle=1872 --allow-no-sandbox-job /prefetch:1
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1696,14583101347345561594,418495030725437647,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=4271642722203936314 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4271642722203936314 --renderer-client-id=6 --mojo-platform-channel-handle=2204 --allow-no-sandbox-job /prefetch:1
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process created: C:\Program Files\internet explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' https://spark.adobe.com/page/GG8mUEsjQvSUh/
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:1968 CREDAT:17410 /prefetch:2
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe' --type=renderer /prefetch:1 'C:\Users\user\Desktop\Tribeca Investment Partners - Funds.pdf'	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --backgroundcolor=16514043	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe	Process created: C:\Program Files\internet explorer\iexplore.exe 'C:\Program Files\Internet Explorer\iexplore.exe' https://spark.adobe.com/page/GG8mUEsjQvSUh/	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1696,14583101347345561594,418495030725437647,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=18176514141952179124 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=18176514141952179124 --renderer-client-id=2 --mojo-platform-channel-handle=1664 --allow-no-sandbox-job /prefetch:1	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=gpu-process --field-trial-handle=1696,14583101347345561594,418495030725437647,131072 --disable-features=VizDisplayCompositor --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --lang=en-US --gpu-preferences=KAAAAAAAAACAAwABAQAAAAAAAAAAAGAAAAAAAAEAAAAIAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --use-gl=swiftshader-webgl --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --service-request-channel-token=14323790637429607960 --mojo-platform-channel-handle=1780 --allow-no-sandbox-job --ignored=' --type=renderer ' /prefetch:2	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1696,14583101347345561594,418495030725437647,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=15500690304138507742 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=15500690304138507742 --renderer-client-id=4 --mojo-platform-channel-handle=1868 --allow-no-sandbox-job /prefetch:1	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1696,14583101347345561594,418495030725437647,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=4408287619177528861 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4408287619177528861 --renderer-client-id=5 --mojo-platform-channel-handle=1872 --allow-no-sandbox-job /prefetch:1	Jump to behavior
Source: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe	Process created: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe 'C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe' --type=renderer --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --touch-events=enabled --field-trial-handle=1696,14583101347345561594,418495030725437647,131072 --disable-features=VizDisplayCompositor --disable-gpu-compositing --service-pipe-token=4271642722203936314 --lang=en-US --disable-pack-loading --log-file='C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log' --log-severity=disable --product-version='ReaderServices/19.12.20035 Chrome/80.0.0.0' --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --service-request-channel-token=4271642722203936314 --renderer-client-id=6 --mojo-platform-channel-handle=2204 --allow-no-sandbox-job /prefetch:1	Jump to behavior
Source: C:\Program Files\internet explorer\iexplore.exe	Process created: C:\Program Files (x86)\Internet Explorer\iexplore.exe 'C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE' SCODEF:1968 CREDAT:17410 /prefetch:2	Jump to behavior