Joe Sandbox Cloud Basic Analysis Report
Edit tour

Windows Analysis Report
https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail

Overview

General Information

Sample URL:https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail
Analysis ID:1533181
Infos:

Detection

Score:52
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Allocates memory in foreign processes
Query firmware table information (likely to detect VMs)
Writes to foreign memory regions
Creates COM task schedule object (often to register a task for autostart)
Creates a process in suspended mode (likely to inject code)
Creates files inside the system directory
Creates or modifies windows services
Detected non-DNS traffic on DNS port
Drops PE files
Drops PE files to the windows directory (C:\Windows)
Drops files with a non-matching file extension (content does not match file extension)
Enables debug privileges
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found dropped PE file which has not been started or loaded
HTML page contains hidden javascript code
May sleep (evasive loops) to hinder dynamic analysis
Queries disk information (often used to detect virtual machines)
Queries information about the installed CPU (vendor, model number etc)
Queries the volume information (name, serial number etc) of a device
Stores files to the Windows start menu directory
Very long cmdline option found, this is very uncommon (may be encrypted or packed)

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious

Process Tree

  • System is w10x64_ra
  • chrome.exe (PID: 4300 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 6484 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1964,i,7682735342506736524,17143354109292339007,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • chrome.exe (PID: 2756 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5656 --field-trial-handle=1964,i,7682735342506736524,17143354109292339007,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • avast_free_antivirus_setup_online.exe (PID: 724 cmdline: "C:\Users\user\Downloads\avast_free_antivirus_setup_online.exe" MD5: 669DB7E7BA18C30B53F3D2FA12599ED6)
      • avast_free_antivirus_online_setup.exe (PID: 4800 cmdline: "C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exe" /cookie:mmm_ava_esg_000_361_m /ga_clientid:cbce59f8-4a2d-4f15-9a87-a1971e4ca5dc /edat_dir:C:\Windows\Temp\asw.b41a1a6fa5bb3a22 /geo:US MD5: 5024C02AF4C75C03320ACE28EF464EED)
        • icarus.exe (PID: 4092 cmdline: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exe /icarus-info-path:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\icarus-info.xml /install /cookie:mmm_ava_esg_000_361_m /edat_dir:C:\Windows\Temp\asw.b41a1a6fa5bb3a22 /geo:US /track-guid:cbce59f8-4a2d-4f15-9a87-a1971e4ca5dc /sssid:4800 MD5: DB585D1E263964856A59D68EC5EEAF07)
          • icarus_ui.exe (PID: 3724 cmdline: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exe /cookie:mmm_ava_esg_000_361_m /edat_dir:C:\Windows\Temp\asw.b41a1a6fa5bb3a22 /geo:US /track-guid:cbce59f8-4a2d-4f15-9a87-a1971e4ca5dc /sssid:4800 /er_master:master_ep_2338ab20-7757-44ff-a47c-bf7b68064677 /er_ui:ui_ep_bb3437a0-a0ec-43fc-be46-688788b809bb MD5: 1354AA69547C9EA771FAF3F9CB2CD6D7)
          • icarus.exe (PID: 7164 cmdline: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe /cookie:mmm_ava_esg_000_361_m /edat_dir:C:\Windows\Temp\asw.b41a1a6fa5bb3a22 /geo:US /track-guid:cbce59f8-4a2d-4f15-9a87-a1971e4ca5dc /sssid:4800 /er_master:master_ep_2338ab20-7757-44ff-a47c-bf7b68064677 /er_ui:ui_ep_bb3437a0-a0ec-43fc-be46-688788b809bb /er_slave:avast-av_slave_ep_5ee5cb36-6cb6-4d8e-82b4-8555143c26e4 /slave:avast-av MD5: DB585D1E263964856A59D68EC5EEAF07)
          • icarus.exe (PID: 5444 cmdline: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exe /cookie:mmm_ava_esg_000_361_m /edat_dir:C:\Windows\Temp\asw.b41a1a6fa5bb3a22 /geo:US /track-guid:cbce59f8-4a2d-4f15-9a87-a1971e4ca5dc /sssid:4800 /er_master:master_ep_2338ab20-7757-44ff-a47c-bf7b68064677 /er_ui:ui_ep_bb3437a0-a0ec-43fc-be46-688788b809bb /er_slave:avast-av-vps_slave_ep_6501dd8f-66c5-4442-920f-c2eed9ef0f40 /slave:avast-av-vps MD5: F77C9CB91B343A8D457E9C813A1B3C25)
  • chrome.exe (PID: 6520 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  • cleanup

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

  • Phishing
  • Compliance
  • Spreading
  • Software Vulnerabilities
  • Networking
  • System Summary
  • Persistence and Installation Behavior
  • Boot Survival
  • Hooking and other Techniques for Hiding and Protection
  • Malware Analysis System Evasion
  • Anti Debugging
  • HIPS / PFW / Operating System Protection Evasion
  • Language, Device and Operating System Detection

Click to jump to signature section

Show All Signature Results
Source: https://www.avast.com/en-us/lp-safe-emailing?full_trSrc=mmm_ava_esg_000_361_m&utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail#pcHTTP Parser: Base64 decoded: <svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px" width="348.333px" height="348.333px" viewBox="0 0 348.333 348.334" style="enable-background:new 0 0 348.333 348.334;" xml:space="preserve"><g>...
Source: https://www.avast.com/en-us/lp-safe-emailing?full_trSrc=mmm_ava_esg_000_361_m&utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail#pcHTTP Parser: No favicon
Source: https://www.avast.com/en-us/lp-safe-emailing?full_trSrc=mmm_ava_esg_000_361_m&utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail#pcHTTP Parser: No favicon
Source: https://www.avast.com/en-us/lp-safe-emailing?full_trSrc=mmm_ava_esg_000_361_m&utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail#pcHTTP Parser: No favicon
Source: https://www.avast.com/en-us/lp-safe-emailing?full_trSrc=mmm_ava_esg_000_361_m&utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail#pcHTTP Parser: No favicon
Source: https://www.avast.com/en-us/lp-safe-emailing?full_trSrc=mmm_ava_esg_000_361_m&utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail#pcHTTP Parser: No favicon
Source: https://www.avast.com/en-us/lp-safe-emailing?full_trSrc=mmm_ava_esg_000_361_m&utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail#pcHTTP Parser: No favicon
Source: https://www.avast.com/en-us/lp-safe-emailing?full_trSrc=mmm_ava_esg_000_361_m&utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail#pcHTTP Parser: No favicon
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Common Files\Avast Software
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Common Files\Avast Software\Icarus
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Common Files\Avast Software\Icarus\avast-av
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\setup
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Common Files\Avast Software\Overseer
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\BrandingData
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\setup\asw90c391f1eedb9057.tmp
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\setup\config.def.ipending.80cd7a23
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\BrowserCleanup.ini.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\libwaheap.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\libwalocal.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\libwaapi.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\libwaresource.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\libwautils.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\libwavmodapi.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\su_adapter.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\su_common.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\su_controller.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\su_worker.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\wa_3rd_party_host_64.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\wa_3rd_party_host_32.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\afwCoreClient.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\afwRpc.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\afwServ.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\dnd_helper.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\gaming_hook.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gaming_hook.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\dnd_helper.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\hns_tools.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\aswhook.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Inf\
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Inf\x64
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Inf\x64\aswbidsdriver.sys.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswidpm.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswidsagent.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswhook.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\RescueDisk
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\RescueDisk\background.png.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\RescueDisk\background-loading.png.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\RescueDisk\waikamd64.mst.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\RescueDisk\aswShMin.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\RescueDisk\aswPEShell.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\RescueDisk\aswPEAntivirus.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\RescueDisk\aswRegLib.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\RescueDisk\aswPEBrowser.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\RescueDisk\aswPECommander.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\RescueDisk\wxbase315u_vc.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\RescueDisk\wxmsw315u_core_vc.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\snxhk.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\snxhk.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Inf\x64\aswSnx.sys.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\asulaunch.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\2057
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\2057\aswClnTg.htm.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\2057\aswClnTg.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\2057\aswInfTg.htm.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\2057\aswInfTg.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\2057\Base.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\2057\Boot.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\2057\uiLangRes.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\1033
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\1033\aswClnTg.htm.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\1033\aswClnTg.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\1033\aswInfTg.htm.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\1033\aswInfTg.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\1033\Base.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\1033\Boot.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\1033\uiLangRes.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Inf\x64\aswArDisk.sys.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Inf\x64\aswArPot.sys.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\BreachGuardSdk.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\aswProperty.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\aswPropertyAv.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\AavmRpch.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\ashShell.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\dll_loader.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\aswCmnOS.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\aswCmnIS.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\aswCmnBS.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\firefox_pass.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\aswBrowser.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\aswAMSI.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\Boost.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\brotli.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\bsdiff.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\bzip2.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\c-ares.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\cef.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\Crypto++.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\cURL.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\Detours.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\dnscrypt-proxy.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\GSL.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\ICU.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\intel_asm.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\jansson.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\JsonCpp.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\lexbor.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\libevent.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\libPNG.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\libsodium.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\LUA.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\lzfse.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\LZMA.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\mbedTLS.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\mhook.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\nanopb.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\nghttp2.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\OpenSSL.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\PCRE.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\protobuf.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\pugixml.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\rapidjson.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\sqlite.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\unrar.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\vxWidgets.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\Xerces.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\xmlParser.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\xxHash.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\yara.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\zlib.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswCmnBS.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswCmnOS.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswCmnIS.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\ashBase.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\ashServ.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswAv.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\ashShell.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\ashTask.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\ashQuick.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\ashUpd.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswAux.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswDld.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\CommChannel.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\streamback.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\ntp_time.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\sched.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswEngLdr.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswEngSrv.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswLog.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswProperty.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswPropertyAv.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswW8ntf.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\uet_client.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\anen.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\perfstats.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\CommonRes.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswSqLt.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\VisthAux.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswChLic.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswIP.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswRvrt.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\log.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\burger_client.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\tasks_core.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\task_performance_logger.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\process_monitor.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\serialization.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\event_routing.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\event_routing_rpc.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\event_manager.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\event_manager_burger.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\event_manager_ga.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\event_manager_er.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\ffl2.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\browser_pass.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\vaarclient.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\module_lifetime.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\dll_loader.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\shepherdsync.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\fltlib_wrapper.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\AvastSvc.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\AavmRpch.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Inf\x64\aswBoot.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\wsc.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\firefox_pass.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswAMSI.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\AvastNM.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswBrowser.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\wsc_proxy.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\wsc_proxy.exe.manifest.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\AvEmUpdate.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\SupportTool.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\nos.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswAvBootTimeScanShMin.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\OobeUtil.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\mfc140.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\mfc140u.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\mfcm140.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\mfcm140u.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\crts.cat.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\avast.local_vc142.crt.manifest.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-console-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-console-l1-2-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-datetime-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-debug-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-errorhandling-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-fibers-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-handle-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-heap-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-interlocked-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-libraryloader-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-louserzation-l1-2-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-memory-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-namedpipe-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-processenvironment-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-profile-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-rtlsupport-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-string-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-synch-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-sysinfo-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-util-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-conio-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-private-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-process-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\concrt140.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\msvcp140.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\msvcp140_1.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\msvcp140_2.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\msvcp140_atomic_wait.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\msvcp140_codecvt_ids.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\ucrtbase.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\vccorlib140.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\vcruntime140.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\vcruntime140_1.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\vcruntime140_threads.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\avast.local_vc142.crt.manifest.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-console-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-console-l1-2-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-datetime-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-debug-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-errorhandling-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-fibers-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-file-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-handle-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-heap-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-interlocked-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-libraryloader-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-louserzation-l1-2-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-memory-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-namedpipe-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-processenvironment-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-profile-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-rtlsupport-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-string-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-synch-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-sysinfo-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-util-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\API-MS-Win-core-xstate-l2-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-crt-conio-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-crt-private-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-crt-process-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\concrt140.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\msvcp140.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\msvcp140_1.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\msvcp140_2.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\msvcp140_atomic_wait.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\msvcp140_codecvt_ids.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\ucrtbase.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\vccorlib140.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\vcruntime140.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\vcruntime140_threads.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\HTMLayout.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\AvLaunch.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\AvastUI.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\AvConsent.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\jsbridge.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Inf\x64\aswKbd.sys.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Inf\x64\aswNetHub.sys.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\libssl-3-x64.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\libcrypto-3-x64.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\protobuf.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Inf\x64\aswRdr2.sys.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Inf\x64\aswMonFlt.sys.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Inf\x64\aswSP.sys.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Inf\x64\aswRvrt.sys.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Inf\x64\aswElam.sys.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Inf\x64\aswbidsh.sys.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Inf\x64\aswbuniv.sys.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswavdetection.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswcomm.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswdetallocator.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswntsqlite.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswpsic.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswremoval.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswsecapi.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswwinamapi.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Inf\x64\aswStm.sys.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\RegSvr.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\aswRunDll.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\AvDump.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswRunDll.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\RegSvr.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\AvBugReport.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\AvDump.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\SetupInf.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\overseer.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswToolsSvc.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswVmm.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Inf\x64\aswVmm.sys.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\chrome_100_percent.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\chrome_200_percent.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\resources.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\icudtl.dat.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\am.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\ar.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\bg.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\bn.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\ca.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\cs.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\da.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\de.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\el.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\en-GB.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\en-US.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\es-419.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\es.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\et.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\fa.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\fi.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\fil.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\fr.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\gu.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\he.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\hi.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\hr.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\hu.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\id.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\it.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\ja.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\kn.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\ko.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\lt.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\lv.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\ml.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\mr.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\ms.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\nb.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\nl.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\pl.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\pt-BR.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\pt-PT.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\ro.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\ru.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\sk.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\sl.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\sr.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\sv.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\sw.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\ta.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\te.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\th.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\tr.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\uk.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\vi.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\zh-CN.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\zh-TW.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\swiftshader
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\swiftshader\libEGL.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\swiftshader\libGLESv2.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\chrome_elf.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\libcef.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\d3dcompiler_47.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\libEGL.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\libGLESv2.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\snapshot_blob.bin.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\v8_context_snapshot.bin.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\about.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\antiRansomware.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\antiTrack.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\ask.ogg.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\batterySaver.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\browserDetection.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\browserDetectionWindow.html.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\browserExtensions.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\ccaiWidgetStyle.css.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\core.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\darkWebMonitor.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\dashboard.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\dataShredder.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\deepProtect.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\done.ogg.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\doNotDisturb.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\driverUpdater.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\feedbackForm.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\firewall.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\help.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\i18n.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\kin.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\libs.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-ar.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-be.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-bg.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-bn.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-ca.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-cs.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-da.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-de.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-el.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-en.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-en_GB.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-es_ES.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-et.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-fa.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-fi.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-fr.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-he.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-hi.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-hr.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-hu.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-id.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-it.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-ja.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-ko.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-lt.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-lv.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-ms.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-nb.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-nl.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-pl.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-pt_BR.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-pt_PT.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-ro.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-ru.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-sk.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-sl.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-sr_CS.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-sv_SE.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-th.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-tr.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-uk.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-ur_PK.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-vi.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-zh_CN.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-zh_TW.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\mainCss.css.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\mainCss_dark.css.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\mainCss_light.css.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\mainFont.css.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\mainFont_dark.css.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\mainFont_light.css.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\mainLayout.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\mainLayoutCss.css.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\mainLayoutCss_dark.css.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\mainLayoutCss_light.css.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\mainSprite.css.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\mainSprite_dark.css.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\mainSprite_light.css.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\mainVars.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\mainVars_dark.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\mainVars_dark_test.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\mainVars_light.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\mainVars_light_test.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\mainVars_test.json.ipending.80cd7a23.lzma
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49710 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.16:49716 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.85.23.206:443 -> 192.168.2.16:65204 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.16:65227 version: TLS 1.2
Source: unknownHTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.16:65258 version: TLS 1.2
Source: unknownHTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.16:65267 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.111.175.102:443 -> 192.168.2.16:65273 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.16:65277 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.16:65279 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.16:65288 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.16:65289 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.160.176.28:443 -> 192.168.2.16:65290 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.160.176.28:443 -> 192.168.2.16:65293 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.16:65322 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.16:65323 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.111.24.1:443 -> 192.168.2.16:65324 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.16:65325 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.16:65326 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.16:65327 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.16:65328 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.160.176.28:443 -> 192.168.2.16:65329 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.16:65330 version: TLS 1.2
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAs
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler32
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAs
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocServer32
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler32
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\InprocHandler
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\LocalServer32
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\LocalServer
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\Elevation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0F87369F-A4E5-4CFC-BD3E-73E6154572DD}
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeKey opened: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0f87369f-a4e5-4cfc-bd3e-73e6154572dd}\TreatAs
Source: chrome.exeMemory has grown: Private usage: 21MB later: 27MB
Source: global trafficTCP traffic: 192.168.2.16:65197 -> 162.159.36.2:53
Source: global trafficTCP traffic: 192.168.2.16:65197 -> 162.159.36.2:53
Source: global trafficTCP traffic: 192.168.2.16:65197 -> 162.159.36.2:53
Source: global trafficTCP traffic: 192.168.2.16:65197 -> 162.159.36.2:53
Source: global trafficTCP traffic: 192.168.2.16:65300 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:65197 -> 162.159.36.2:53
Source: global trafficTCP traffic: 192.168.2.16:65331 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:65300 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:65197 -> 162.159.36.2:53
Source: global trafficTCP traffic: 192.168.2.16:65331 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:65300 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:65197 -> 162.159.36.2:53
Source: global trafficTCP traffic: 192.168.2.16:65331 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:65300 -> 1.1.1.1:53
Source: global trafficTCP traffic: 192.168.2.16:65197 -> 162.159.36.2:53
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownTCP traffic detected without corresponding DNS query: 20.189.173.10
Source: unknownTCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknownTCP traffic detected without corresponding DNS query: 192.229.211.108
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficDNS traffic detected: DNS query: www.avast.com
Source: global trafficDNS traffic detected: DNS query: cdn.cookielaw.org
Source: global trafficDNS traffic detected: DNS query: static3.avast.com
Source: global trafficDNS traffic detected: DNS query: geolocation.onetrust.com
Source: global trafficDNS traffic detected: DNS query: www.google.com
Source: global trafficDNS traffic detected: DNS query: assets.adobedtm.com
Source: global trafficDNS traffic detected: DNS query: static.avast.com
Source: global trafficDNS traffic detected: DNS query: s.go-mpulse.net
Source: global trafficDNS traffic detected: DNS query: dpm.demdex.net
Source: global trafficDNS traffic detected: DNS query: www.nortonlifelock.com
Source: global trafficDNS traffic detected: DNS query: symantec.demdex.net
Source: global trafficDNS traffic detected: DNS query: cm.everesttech.net
Source: global trafficDNS traffic detected: DNS query: mhubc.avast.com
Source: global trafficDNS traffic detected: DNS query: c.go-mpulse.net
Source: global trafficDNS traffic detected: DNS query: www.upsellit.com
Source: global trafficDNS traffic detected: DNS query: googleads.g.doubleclick.net
Source: global trafficDNS traffic detected: DNS query: oms.avast.com
Source: global trafficDNS traffic detected: DNS query: static.hotjar.com
Source: global trafficDNS traffic detected: DNS query: script.hotjar.com
Source: global trafficDNS traffic detected: DNS query: znb3hblkjhhpwrz9k-gendigital.siteintercept.qualtrics.com
Source: global trafficDNS traffic detected: DNS query: trial-eum-clientnsv4-s.akamaihd.net
Source: global trafficDNS traffic detected: DNS query: trial-eum-clienttons-s.akamaihd.net
Source: global trafficDNS traffic detected: DNS query: privacyportal-de.onetrust.com
Source: global trafficDNS traffic detected: DNS query: analytics.ff.avast.com
Source: global trafficDNS traffic detected: DNS query: baxhwiicct2ykzynbcxq-pm29i0-907b0ec03-clientnsv4-s.akamaihd.net
Source: global trafficDNS traffic detected: DNS query: 8-46-123-33_s-2-16-164-88_ts-1728907439-clienttons-s.akamaihd.net
Source: global trafficDNS traffic detected: DNS query: siteintercept.qualtrics.com
Source: global trafficDNS traffic detected: DNS query: connect.facebook.net
Source: global trafficDNS traffic detected: DNS query: 684dd325.akstat.io
Source: global trafficDNS traffic detected: DNS query: 4711400.fls.doubleclick.net
Source: global trafficDNS traffic detected: DNS query: ad.doubleclick.net
Source: global trafficDNS traffic detected: DNS query: td.doubleclick.net
Source: global trafficDNS traffic detected: DNS query: analytics.google.com
Source: global trafficDNS traffic detected: DNS query: stats.g.doubleclick.net
Source: global trafficDNS traffic detected: DNS query: 206.23.85.13.in-addr.arpa
Source: global trafficDNS traffic detected: DNS query: mstatic.avast.com
Source: global trafficDNS traffic detected: DNS query: adservice.google.com
Source: global trafficDNS traffic detected: DNS query: bits.avcdn.net
Source: global trafficDNS traffic detected: DNS query: www.facebook.com
Source: global trafficDNS traffic detected: DNS query: ip-info.ff.avast.com
Source: global trafficDNS traffic detected: DNS query: v7event.stats.avast.com
Source: global trafficDNS traffic detected: DNS query: honzik.avcdn.net
Source: global trafficDNS traffic detected: DNS query: analytics.avcdn.net
Source: global trafficDNS traffic detected: DNS query: shepherd.avcdn.net
Source: global trafficDNS traffic detected: DNS query: ipm.avcdn.net
Source: unknownHTTP traffic detected: POST /cgi-bin/iavsevents.cgi HTTP/1.1Connection: Keep-AliveContent-Type: iavs4/statsUser-Agent: Avast Microstub/2.1Content-Length: 268Host: v7event.stats.avast.com
Source: unknownNetwork traffic detected: HTTP traffic on port 65208 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65266 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65220 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49736
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49735
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49856
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49855
Source: unknownNetwork traffic detected: HTTP traffic on port 49841 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49851
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49850
Source: unknownNetwork traffic detected: HTTP traffic on port 65198 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65226 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65261 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65289 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65329 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49806 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49823 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65237 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49849
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49727
Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65254 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49842
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49841
Source: unknownNetwork traffic detected: HTTP traffic on port 65231 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65330
Source: unknownNetwork traffic detected: HTTP traffic on port 65248 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49828 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65219 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65267 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65208
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65329
Source: unknownNetwork traffic detected: HTTP traffic on port 65324 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49805 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65202
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65323
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65203
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49718
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65324
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49717
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65200
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49716
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65201
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65322
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65206
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49836
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65327
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49835
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65328
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65204
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65325
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65205
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65326
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65220
Source: unknownNetwork traffic detected: HTTP traffic on port 65203 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65221
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65219
Source: unknownNetwork traffic detected: HTTP traffic on port 49796 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65330 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49829
Source: unknownNetwork traffic detected: HTTP traffic on port 49811 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49828
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65214
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49827
Source: unknownNetwork traffic detected: HTTP traffic on port 65214 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65217
Source: unknownNetwork traffic detected: HTTP traffic on port 65290 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65459
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49824
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65218
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49823
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65215
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65216
Source: unknownNetwork traffic detected: HTTP traffic on port 65256 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65273 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
Source: unknownNetwork traffic detected: HTTP traffic on port 65204 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65199 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65198
Source: unknownNetwork traffic detected: HTTP traffic on port 49813 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65199
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49781
Source: unknownNetwork traffic detected: HTTP traffic on port 49836 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65227 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49807 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49736 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65259 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49775
Source: unknownNetwork traffic detected: HTTP traffic on port 65265 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65459 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49802 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49851 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65325 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65250 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65216 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49718 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65260 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49801 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49824 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65215 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65255 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65232 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49818 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65249 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49835 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65288 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49747 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65221 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49829 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49775 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65277 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49747
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49746
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65273
Source: unknownNetwork traffic detected: HTTP traffic on port 65223 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65246 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49746 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49781 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65326 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65217 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65268
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65266
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65267
Source: unknownNetwork traffic detected: HTTP traffic on port 49717 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49849 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65205 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49820 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65240 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65292 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49855 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65279
Source: unknownNetwork traffic detected: HTTP traffic on port 49798 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65277
Source: unknownNetwork traffic detected: HTTP traffic on port 65258 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49735 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65293
Source: unknownNetwork traffic detected: HTTP traffic on port 65206 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65292
Source: unknownNetwork traffic detected: HTTP traffic on port 49819 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65290
Source: unknownNetwork traffic detected: HTTP traffic on port 65264 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65293 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49850 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65222 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65251 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65288
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65289
Source: unknownNetwork traffic detected: HTTP traffic on port 65234 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49798
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49796
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49794
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
Source: unknownNetwork traffic detected: HTTP traffic on port 49856 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65228 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65245 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65327 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49808 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65200 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65239 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49821
Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49820
Source: unknownNetwork traffic detected: HTTP traffic on port 49842 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65279 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65231
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65232
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65230
Source: unknownNetwork traffic detected: HTTP traffic on port 65262 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49727 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49819
Source: unknownNetwork traffic detected: HTTP traffic on port 65322 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49818
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65224
Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49810 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65236 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65222
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49815
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65223
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65228
Source: unknownNetwork traffic detected: HTTP traffic on port 65253 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49813
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65229
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65226
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49811
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65227
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49810
Source: unknownNetwork traffic detected: HTTP traffic on port 65230 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65240
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65241
Source: unknownNetwork traffic detected: HTTP traffic on port 65201 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65247 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49794 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49827 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65268 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49809
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49808
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65235
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49807
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49806
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65236
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49805
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65234
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65239
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49802
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49801
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65237
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49800
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65250
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65253
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65254
Source: unknownNetwork traffic detected: HTTP traffic on port 49678 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49821 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65251
Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65252
Source: unknownNetwork traffic detected: HTTP traffic on port 65202 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65241 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65229 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65328 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65246
Source: unknownNetwork traffic detected: HTTP traffic on port 49809 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65247
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65245
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65248
Source: unknownNetwork traffic detected: HTTP traffic on port 65257 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65249
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65260
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65261
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65264
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65265
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65262
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65263
Source: unknownNetwork traffic detected: HTTP traffic on port 65224 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65263 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65218 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65323 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65257
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65258
Source: unknownNetwork traffic detected: HTTP traffic on port 49716 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65255
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65256
Source: unknownNetwork traffic detected: HTTP traffic on port 65235 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 65252 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 65259
Source: unknownHTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.16:49710 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.16:49716 version: TLS 1.2
Source: unknownHTTPS traffic detected: 13.85.23.206:443 -> 192.168.2.16:65204 version: TLS 1.2
Source: unknownHTTPS traffic detected: 20.109.210.53:443 -> 192.168.2.16:65227 version: TLS 1.2
Source: unknownHTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.16:65258 version: TLS 1.2
Source: unknownHTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.16:65267 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.111.175.102:443 -> 192.168.2.16:65273 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.16:65277 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.16:65279 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.16:65288 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.16:65289 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.160.176.28:443 -> 192.168.2.16:65290 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.160.176.28:443 -> 192.168.2.16:65293 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.16:65322 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.16:65323 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.111.24.1:443 -> 192.168.2.16:65324 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.16:65325 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.16:65326 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.16:65327 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.16:65328 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.160.176.28:443 -> 192.168.2.16:65329 version: TLS 1.2
Source: unknownHTTPS traffic detected: 34.117.223.223:443 -> 192.168.2.16:65330 version: TLS 1.2
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Windows\system32\icarus_rvrt.exe
Source: classification engineClassification label: mal52.evad.win@33/174@158/517
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Common Files\Avast Software
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeMutant created: NULL
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeMutant created: \Sessions\1\BaseNamedObjects\Global\{32B25EF2-80FD-4C66-97E1-0890D9E9F87B}
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeMutant created: \Sessions\1\BaseNamedObjects\Global\ea67551ee097675200e86a3984869e47
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeMutant created: \Sessions\1\BaseNamedObjects\Global\21153f9a453ce1396b9ccaad33001c74
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeMutant created: \Sessions\1\BaseNamedObjects\Global\b69b3b9d4176b91ae68b975b0c759d2a
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeFile created: C:\Windows\Temp\asw.b41a1a6fa5bb3a22
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile read: C:\ProgramData\Avast Software\Icarus\settings\temporary_proxy.ini
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeFile read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeFile read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeFile read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeFile read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeFile read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeFile read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeFile read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeFile read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeFile read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeFile read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeFile read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeFile read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeFile read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeFile read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeFile read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile read: C:\Windows\System32\drivers\etc\hosts
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile read: C:\Windows\System32\drivers\etc\hosts
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1964,i,7682735342506736524,17143354109292339007,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknownProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail"
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1964,i,7682735342506736524,17143354109292339007,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5656 --field-trial-handle=1964,i,7682735342506736524,17143354109292339007,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5656 --field-trial-handle=1964,i,7682735342506736524,17143354109292339007,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exe "C:\Users\user\Downloads\avast_free_antivirus_setup_online.exe"
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeProcess created: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exe "C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exe" /cookie:mmm_ava_esg_000_361_m /ga_clientid:cbce59f8-4a2d-4f15-9a87-a1971e4ca5dc /edat_dir:C:\Windows\Temp\asw.b41a1a6fa5bb3a22 /geo:US
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exe "C:\Users\user\Downloads\avast_free_antivirus_setup_online.exe"
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeProcess created: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exe "C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exe" /cookie:mmm_ava_esg_000_361_m /ga_clientid:cbce59f8-4a2d-4f15-9a87-a1971e4ca5dc /edat_dir:C:\Windows\Temp\asw.b41a1a6fa5bb3a22 /geo:US
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeProcess created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exe C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exe /icarus-info-path:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\icarus-info.xml /install /cookie:mmm_ava_esg_000_361_m /edat_dir:C:\Windows\Temp\asw.b41a1a6fa5bb3a22 /geo:US /track-guid:cbce59f8-4a2d-4f15-9a87-a1971e4ca5dc /sssid:4800
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeProcess created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exe C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exe /cookie:mmm_ava_esg_000_361_m /edat_dir:C:\Windows\Temp\asw.b41a1a6fa5bb3a22 /geo:US /track-guid:cbce59f8-4a2d-4f15-9a87-a1971e4ca5dc /sssid:4800 /er_master:master_ep_2338ab20-7757-44ff-a47c-bf7b68064677 /er_ui:ui_ep_bb3437a0-a0ec-43fc-be46-688788b809bb
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeProcess created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exe C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exe /icarus-info-path:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\icarus-info.xml /install /cookie:mmm_ava_esg_000_361_m /edat_dir:C:\Windows\Temp\asw.b41a1a6fa5bb3a22 /geo:US /track-guid:cbce59f8-4a2d-4f15-9a87-a1971e4ca5dc /sssid:4800
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeProcess created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe /cookie:mmm_ava_esg_000_361_m /edat_dir:C:\Windows\Temp\asw.b41a1a6fa5bb3a22 /geo:US /track-guid:cbce59f8-4a2d-4f15-9a87-a1971e4ca5dc /sssid:4800 /er_master:master_ep_2338ab20-7757-44ff-a47c-bf7b68064677 /er_ui:ui_ep_bb3437a0-a0ec-43fc-be46-688788b809bb /er_slave:avast-av_slave_ep_5ee5cb36-6cb6-4d8e-82b4-8555143c26e4 /slave:avast-av
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeProcess created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exe C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exe /cookie:mmm_ava_esg_000_361_m /edat_dir:C:\Windows\Temp\asw.b41a1a6fa5bb3a22 /geo:US /track-guid:cbce59f8-4a2d-4f15-9a87-a1971e4ca5dc /sssid:4800 /er_master:master_ep_2338ab20-7757-44ff-a47c-bf7b68064677 /er_ui:ui_ep_bb3437a0-a0ec-43fc-be46-688788b809bb /er_slave:avast-av-vps_slave_ep_6501dd8f-66c5-4442-920f-c2eed9ef0f40 /slave:avast-av-vps
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeProcess created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe /cookie:mmm_ava_esg_000_361_m /edat_dir:C:\Windows\Temp\asw.b41a1a6fa5bb3a22 /geo:US /track-guid:cbce59f8-4a2d-4f15-9a87-a1971e4ca5dc /sssid:4800 /er_master:master_ep_2338ab20-7757-44ff-a47c-bf7b68064677 /er_ui:ui_ep_bb3437a0-a0ec-43fc-be46-688788b809bb /er_slave:avast-av_slave_ep_5ee5cb36-6cb6-4d8e-82b4-8555143c26e4 /slave:avast-av
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeProcess created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exe C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exe /cookie:mmm_ava_esg_000_361_m /edat_dir:C:\Windows\Temp\asw.b41a1a6fa5bb3a22 /geo:US /track-guid:cbce59f8-4a2d-4f15-9a87-a1971e4ca5dc /sssid:4800 /er_master:master_ep_2338ab20-7757-44ff-a47c-bf7b68064677 /er_ui:ui_ep_bb3437a0-a0ec-43fc-be46-688788b809bb /er_slave:avast-av-vps_slave_ep_6501dd8f-66c5-4442-920f-c2eed9ef0f40 /slave:avast-av-vps
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknown
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: cryptsp.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: rsaenh.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: cryptbase.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: version.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: kernel.appcore.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: netprofm.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: npmproxy.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: winhttp.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: windowscodecs.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: msasn1.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: webio.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: mswsock.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: iphlpapi.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: winnsi.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: iconcodecservice.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: sspicli.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: uxtheme.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: textinputframework.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: coreuicomponents.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: coremessaging.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: ntmarta.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: wintypes.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: wintypes.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: wintypes.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: dnsapi.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: rasadhlp.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: fwpuclnt.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: schannel.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: mskeyprotect.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: ntasn1.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: ncrypt.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: ncryptsslp.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: msasn1.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: gpapi.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: dpapi.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSection loaded: apphelp.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: kernel.appcore.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: version.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: windows.storage.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: wldp.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: profapi.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: cryptsp.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: rsaenh.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: cryptbase.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: dpapi.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: winhttp.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: ondemandconnroutehelper.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: mswsock.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: iphlpapi.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: winnsi.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: dhcpcsvc6.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: dhcpcsvc.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: webio.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: sspicli.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: dnsapi.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: rasadhlp.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: fwpuclnt.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: schannel.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: uxtheme.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: windowscodecs.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: textinputframework.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: coreuicomponents.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: coremessaging.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: ntmarta.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: wintypes.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: wintypes.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: wintypes.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: propsys.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: explorerframe.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: mskeyprotect.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: ntasn1.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: ncrypt.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: ncryptsslp.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: msasn1.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: gpapi.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: ondemandconnroutehelper.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: ondemandconnroutehelper.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: textshaping.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: ondemandconnroutehelper.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: ondemandconnroutehelper.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: ondemandconnroutehelper.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: ondemandconnroutehelper.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: ondemandconnroutehelper.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: ondemandconnroutehelper.dll
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSection loaded: apphelp.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSection loaded: winhttp.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSection loaded: powrprof.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSection loaded: netapi32.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSection loaded: iphlpapi.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSection loaded: secur32.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSection loaded: dnsapi.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSection loaded: cryptbase.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSection loaded: netutils.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSection loaded: samcli.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSection loaded: sspicli.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSection loaded: umpdc.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSection loaded: dbghelp.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSection loaded: dbgcore.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSection loaded: windows.storage.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSection loaded: wldp.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSection loaded: profapi.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSection loaded: ntmarta.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSection loaded: cryptsp.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSection loaded: rsaenh.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSection loaded: kernel.appcore.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSection loaded: dhcpcsvc6.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSection loaded: dhcpcsvc.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSection loaded: napinsp.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSection loaded: pnrpnsp.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSection loaded: wshbth.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSection loaded: nlaapi.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSection loaded: mswsock.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSection loaded: winrnr.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSection loaded: version.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSection loaded: schannel.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSection loaded: mskeyprotect.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSection loaded: ntasn1.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSection loaded: ncrypt.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSection loaded: ncryptsslp.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSection loaded: apphelp.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSection loaded: rasadhlp.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: userenv.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: wtsapi32.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: powrprof.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: version.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: oleacc.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: usp10.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: wininet.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: winmm.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: cryptbase.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: umpdc.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: dbghelp.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: dbgcore.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: windows.storage.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: wldp.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: profapi.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: cryptsp.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: rsaenh.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: kernel.appcore.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: uxtheme.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: winsta.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: d2d1.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: dwrite.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: dwmapi.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: mswsock.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: dataexchange.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: d3d11.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: dcomp.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: dxgi.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: twinapi.appcore.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: directmanipulation.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: resourcepolicyclient.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: d3d10warp.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: dxcore.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: propsys.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: textinputframework.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: coreuicomponents.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: coremessaging.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: ntmarta.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: wintypes.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: wintypes.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: wintypes.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: textshaping.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: uiautomationcore.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: explorerframe.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: winhttp.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: powrprof.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: netapi32.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: iphlpapi.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: secur32.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: dnsapi.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: cryptbase.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: netutils.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: samcli.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: sspicli.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: umpdc.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: dbghelp.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: dbgcore.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: windows.storage.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: wldp.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: profapi.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: ntmarta.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: kernel.appcore.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: dhcpcsvc6.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: dhcpcsvc.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: napinsp.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: pnrpnsp.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: wshbth.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: nlaapi.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: mswsock.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: winrnr.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: fwpuclnt.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: userenv.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: wtsapi32.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: version.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: msasn1.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: cryptsp.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: rsaenh.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeSection loaded: winhttp.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeSection loaded: powrprof.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeSection loaded: netapi32.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeSection loaded: iphlpapi.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeSection loaded: secur32.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeSection loaded: dnsapi.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeSection loaded: cryptbase.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeSection loaded: netutils.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeSection loaded: samcli.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeSection loaded: sspicli.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeSection loaded: umpdc.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeSection loaded: dbghelp.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeSection loaded: dbgcore.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeSection loaded: windows.storage.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeSection loaded: wldp.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeSection loaded: profapi.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeSection loaded: ntmarta.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeSection loaded: kernel.appcore.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeSection loaded: dhcpcsvc6.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeSection loaded: dhcpcsvc.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeSection loaded: napinsp.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeSection loaded: pnrpnsp.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeSection loaded: wshbth.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeSection loaded: nlaapi.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeSection loaded: mswsock.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeSection loaded: winrnr.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeSection loaded: version.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSection loaded: uxtheme.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSection loaded: taskschd.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: iertutil.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: sspicli.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: ondemandconnroutehelper.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: winhttp.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: iphlpapi.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: winnsi.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: urlmon.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: srvcli.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: netutils.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: dnsapi.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: rasadhlp.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: fwpuclnt.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: schannel.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: mskeyprotect.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: ntasn1.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: msasn1.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: dpapi.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: gpapi.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: ncrypt.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeSection loaded: ncryptsslp.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: uxtheme.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: wscapi.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: urlmon.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: iertutil.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: srvcli.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: wscapi.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: urlmon.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: iertutil.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: srvcli.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: wscapi.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: urlmon.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: iertutil.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: srvcli.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: wscapi.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: urlmon.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: iertutil.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: srvcli.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: wscapi.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: urlmon.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: iertutil.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: srvcli.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: schannel.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: mskeyprotect.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: ntasn1.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: ncrypt.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: ncryptsslp.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSection loaded: rasadhlp.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeSection loaded: userenv.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeSection loaded: cryptsp.dll
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeSection loaded: rsaenh.dll
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{DCB00C01-570F-4A9B-8D69-199FDBA5723B}\InProcServer32
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeFile written: C:\ProgramData\Avast Software\Icarus\settings\temporary_proxy.ini
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Common Files\Avast Software
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Common Files\Avast Software\Icarus
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Common Files\Avast Software\Icarus\avast-av
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\setup
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Common Files\Avast Software\Overseer
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\BrandingData
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\setup\asw90c391f1eedb9057.tmp
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\setup\config.def.ipending.80cd7a23
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\BrowserCleanup.ini.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\libwaheap.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\libwalocal.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\libwaapi.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\libwaresource.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\libwautils.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\libwavmodapi.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\su_adapter.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\su_common.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\su_controller.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\su_worker.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\wa_3rd_party_host_64.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\wa_3rd_party_host_32.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\afwCoreClient.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\afwRpc.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\afwServ.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\dnd_helper.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\gaming_hook.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gaming_hook.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\dnd_helper.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\hns_tools.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\aswhook.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Inf\
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Inf\x64
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Inf\x64\aswbidsdriver.sys.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswidpm.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswidsagent.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswhook.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\RescueDisk
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\RescueDisk\background.png.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\RescueDisk\background-loading.png.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\RescueDisk\waikamd64.mst.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\RescueDisk\aswShMin.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\RescueDisk\aswPEShell.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\RescueDisk\aswPEAntivirus.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\RescueDisk\aswRegLib.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\RescueDisk\aswPEBrowser.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\RescueDisk\aswPECommander.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\RescueDisk\wxbase315u_vc.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\RescueDisk\wxmsw315u_core_vc.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\snxhk.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\snxhk.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Inf\x64\aswSnx.sys.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\asulaunch.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\2057
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\2057\aswClnTg.htm.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\2057\aswClnTg.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\2057\aswInfTg.htm.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\2057\aswInfTg.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\2057\Base.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\2057\Boot.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\2057\uiLangRes.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\1033
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\1033\aswClnTg.htm.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\1033\aswClnTg.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\1033\aswInfTg.htm.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\1033\aswInfTg.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\1033\Base.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\1033\Boot.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\1033\uiLangRes.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Inf\x64\aswArDisk.sys.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Inf\x64\aswArPot.sys.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\BreachGuardSdk.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\aswProperty.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\aswPropertyAv.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\AavmRpch.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\ashShell.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\dll_loader.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\aswCmnOS.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\aswCmnIS.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\aswCmnBS.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\firefox_pass.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\aswBrowser.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\aswAMSI.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\Boost.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\brotli.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\bsdiff.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\bzip2.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\c-ares.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\cef.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\Crypto++.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\cURL.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\Detours.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\dnscrypt-proxy.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\GSL.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\ICU.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\intel_asm.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\jansson.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\JsonCpp.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\lexbor.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\libevent.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\libPNG.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\libsodium.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\LUA.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\lzfse.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\LZMA.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\mbedTLS.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\mhook.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\nanopb.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\nghttp2.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\OpenSSL.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\PCRE.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\protobuf.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\pugixml.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\rapidjson.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\sqlite.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\unrar.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\vxWidgets.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\Xerces.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\xmlParser.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\xxHash.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\yara.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Licenses\zlib.txt.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswCmnBS.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswCmnOS.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswCmnIS.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\ashBase.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\ashServ.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswAv.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\ashShell.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\ashTask.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\ashQuick.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\ashUpd.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswAux.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswDld.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\CommChannel.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\streamback.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\ntp_time.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\sched.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswEngLdr.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswEngSrv.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswLog.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswProperty.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswPropertyAv.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswW8ntf.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\uet_client.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\anen.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\perfstats.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\CommonRes.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswSqLt.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\VisthAux.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswChLic.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswIP.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswRvrt.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\log.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\burger_client.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\tasks_core.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\task_performance_logger.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\process_monitor.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\serialization.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\event_routing.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\event_routing_rpc.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\event_manager.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\event_manager_burger.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\event_manager_ga.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\event_manager_er.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\ffl2.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\browser_pass.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\vaarclient.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\module_lifetime.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\dll_loader.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\shepherdsync.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\fltlib_wrapper.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\AvastSvc.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\AavmRpch.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Inf\x64\aswBoot.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\wsc.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\firefox_pass.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswAMSI.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\AvastNM.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswBrowser.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\wsc_proxy.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\wsc_proxy.exe.manifest.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\AvEmUpdate.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\SupportTool.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\nos.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswAvBootTimeScanShMin.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\OobeUtil.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\mfc140.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\mfc140u.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\mfcm140.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\mfcm140u.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\crts.cat.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\avast.local_vc142.crt.manifest.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-console-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-console-l1-2-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-datetime-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-debug-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-errorhandling-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-fibers-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-handle-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-heap-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-interlocked-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-libraryloader-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-louserzation-l1-2-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-memory-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-namedpipe-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-processenvironment-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-profile-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-rtlsupport-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-string-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-synch-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-sysinfo-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-util-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-conio-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-private-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-process-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\concrt140.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\msvcp140.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\msvcp140_1.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\msvcp140_2.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\msvcp140_atomic_wait.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\msvcp140_codecvt_ids.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\ucrtbase.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\vccorlib140.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\vcruntime140.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\vcruntime140_1.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\vcruntime140_threads.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\avast.local_vc142.crt.manifest.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-console-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-console-l1-2-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-datetime-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-debug-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-errorhandling-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-fibers-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-file-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-handle-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-heap-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-interlocked-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-libraryloader-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-louserzation-l1-2-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-memory-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-namedpipe-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-processenvironment-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-profile-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-rtlsupport-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-string-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-synch-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-sysinfo-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-core-util-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\API-MS-Win-core-xstate-l2-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-crt-conio-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-crt-private-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-crt-process-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\concrt140.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\msvcp140.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\msvcp140_1.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\msvcp140_2.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\msvcp140_atomic_wait.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\msvcp140_codecvt_ids.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\ucrtbase.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\vccorlib140.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\vcruntime140.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\avast.local_vc142.crt\vcruntime140_threads.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\HTMLayout.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\AvLaunch.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\AvastUI.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\AvConsent.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\jsbridge.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Inf\x64\aswKbd.sys.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Inf\x64\aswNetHub.sys.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\libssl-3-x64.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\libcrypto-3-x64.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\protobuf.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Inf\x64\aswRdr2.sys.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Inf\x64\aswMonFlt.sys.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Inf\x64\aswSP.sys.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Inf\x64\aswRvrt.sys.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Inf\x64\aswElam.sys.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Inf\x64\aswbidsh.sys.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Inf\x64\aswbuniv.sys.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswavdetection.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswcomm.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswdetallocator.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswntsqlite.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswpsic.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswremoval.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswsecapi.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswwinamapi.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Inf\x64\aswStm.sys.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\RegSvr.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\aswRunDll.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\x86\AvDump.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswRunDll.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\RegSvr.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\AvBugReport.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\AvDump.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\SetupInf.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\overseer.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswToolsSvc.exe.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\aswVmm.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\Inf\x64\aswVmm.sys.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\chrome_100_percent.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\chrome_200_percent.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\resources.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\icudtl.dat.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\am.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\ar.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\bg.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\bn.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\ca.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\cs.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\da.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\de.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\el.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\en-GB.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\en-US.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\es-419.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\es.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\et.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\fa.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\fi.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\fil.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\fr.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\gu.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\he.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\hi.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\hr.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\hu.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\id.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\it.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\ja.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\kn.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\ko.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\lt.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\lv.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\ml.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\mr.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\ms.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\nb.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\nl.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\pl.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\pt-BR.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\pt-PT.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\ro.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\ru.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\sk.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\sl.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\sr.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\sv.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\sw.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\ta.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\te.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\th.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\tr.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\uk.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\vi.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\zh-CN.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\locales\zh-TW.pak.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\swiftshader
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\swiftshader\libEGL.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\swiftshader\libGLESv2.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\chrome_elf.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\libcef.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\d3dcompiler_47.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\libEGL.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\libGLESv2.dll.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\snapshot_blob.bin.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\v8_context_snapshot.bin.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\about.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\antiRansomware.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\antiTrack.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\ask.ogg.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\batterySaver.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\browserDetection.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\browserDetectionWindow.html.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\browserExtensions.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\ccaiWidgetStyle.css.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\core.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\darkWebMonitor.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\dashboard.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\dataShredder.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\deepProtect.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\done.ogg.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\doNotDisturb.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\driverUpdater.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\feedbackForm.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\firewall.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\help.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\i18n.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\kin.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\libs.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-ar.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-be.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-bg.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-bn.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-ca.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-cs.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-da.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-de.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-el.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-en.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-en_GB.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-es_ES.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-et.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-fa.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-fi.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-fr.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-he.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-hi.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-hr.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-hu.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-id.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-it.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-ja.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-ko.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-lt.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-lv.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-ms.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-nb.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-nl.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-pl.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-pt_BR.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-pt_PT.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-ro.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-ru.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-sk.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-sl.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-sr_CS.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-sv_SE.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-th.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-tr.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-uk.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-ur_PK.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-vi.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-zh_CN.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\locale-zh_TW.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\mainCss.css.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\mainCss_dark.css.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\mainCss_light.css.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\mainFont.css.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\mainFont_dark.css.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\mainFont_light.css.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\mainLayout.js.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\mainLayoutCss.css.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\mainLayoutCss_dark.css.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\mainLayoutCss_light.css.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\mainSprite.css.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\mainSprite_dark.css.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\mainSprite_light.css.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\mainVars.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\mainVars_dark.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\mainVars_dark_test.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\mainVars_light.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\mainVars_light_test.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDirectory created: C:\Program Files\Avast Software\Avast\gui_resources\default_av\mainVars_test.json.ipending.80cd7a23.lzma
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeFile created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus_product.dllJump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\libwaheap.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\libwautils.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\libwavmodapi.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\RescueDisk\aswPEAntivirus.exe.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\wa_3rd_party_host_32.exe.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeFile created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\bug_report.exeJump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\libwaresource.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\RescueDisk\aswRegLib.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\wa_3rd_party_host_64.exe.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\su_adapter.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\libwaapi.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeFile created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus_product.dllJump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\RescueDisk\wxmsw315u_core_vc.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\Downloads\Unconfirmed 978694.crdownloadJump to dropped file
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\Downloads\15902c04-aec0-45b7-9afb-395cc40bae76.tmpJump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeFile created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\aswOfferTool.exeJump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\x86\snxhk.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\x86\dnd_helper.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\aswidpm.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\RescueDisk\aswShMin.exe.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\afwCoreClient.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\libwalocal.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\snxhk.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeFile created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeJump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\su_worker.exe.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeFile created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_mod.dllJump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\RescueDisk\wxbase315u_vc.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\RescueDisk\aswPECommander.exe.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeFile created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeJump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeFile created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\dump_process.exeJump to dropped file
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeFile created: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeJump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\Inf\x64\aswSnx.sys.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\RescueDisk\aswPEBrowser.exe.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\RescueDisk\aswPEShell.exe.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\su_common.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\afwRpc.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\afwServ.exe.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeFile created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\bug_report.exeJump to dropped file
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeFile created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\dump_process.exeJump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeFile created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus_rvrt.exeJump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeFile created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus_product.dllJump to dropped file
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeFile created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\bug_report.exeJump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeFile created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeJump to dropped file
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeFile created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_mod.dllJump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeFile created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus_product.dllJump to dropped file
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeFile created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeJump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeFile created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\dump_process.exeJump to dropped file
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeFile created: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeJump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeFile created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\aswOfferTool.exeJump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeFile created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\bug_report.exeJump to dropped file
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeFile created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\dump_process.exeJump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeFile created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus_rvrt.exeJump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\RescueDisk\aswRegLib.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\su_common.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\libwalocal.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\Inf\x64\aswSnx.sys.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\libwaapi.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\RescueDisk\wxbase315u_vc.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\x86\snxhk.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\wa_3rd_party_host_32.exe.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\RescueDisk\aswPECommander.exe.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\libwaheap.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\RescueDisk\aswShMin.exe.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\snxhk.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\RescueDisk\aswPEAntivirus.exe.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\libwavmodapi.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\su_worker.exe.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\RescueDisk\wxmsw315u_core_vc.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\RescueDisk\aswPEBrowser.exe.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\RescueDisk\aswPEShell.exe.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\x86\dnd_helper.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\afwServ.exe.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\libwaresource.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\afwRpc.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\su_adapter.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\aswidpm.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\wa_3rd_party_host_64.exe.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\afwCoreClient.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeFile created: C:\Program Files\Avast Software\Avast\libwautils.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeRegistry key created: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\partmgr
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeProcess information set: FAILCRITICALERRORS | NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX

Malware Analysis System Evasion

barindex
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeSystem information queried: FirmwareTableInformation
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSystem information queried: FirmwareTableInformation
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeSystem information queried: FirmwareTableInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSystem information queried: FirmwareTableInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeSystem information queried: FirmwareTableInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSystem information queried: FirmwareTableInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSystem information queried: FirmwareTableInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeSystem information queried: FirmwareTableInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeSystem information queried: FirmwareTableInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeSystem information queried: FirmwareTableInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeWindow / User API: windowPlacementGot 488
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeDropped PE file which has not been started: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus_product.dllJump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDropped PE file which has not been started: C:\Program Files\Avast Software\Avast\libwaheap.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDropped PE file which has not been started: C:\Program Files\Avast Software\Avast\libwautils.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDropped PE file which has not been started: C:\Program Files\Avast Software\Avast\libwavmodapi.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDropped PE file which has not been started: C:\Program Files\Avast Software\Avast\RescueDisk\aswPEAntivirus.exe.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDropped PE file which has not been started: C:\Program Files\Avast Software\Avast\wa_3rd_party_host_32.exe.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeDropped PE file which has not been started: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\bug_report.exeJump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDropped PE file which has not been started: C:\Program Files\Avast Software\Avast\libwaresource.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDropped PE file which has not been started: C:\Program Files\Avast Software\Avast\RescueDisk\aswRegLib.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDropped PE file which has not been started: C:\Program Files\Avast Software\Avast\wa_3rd_party_host_64.exe.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDropped PE file which has not been started: C:\Program Files\Avast Software\Avast\su_adapter.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDropped PE file which has not been started: C:\Program Files\Avast Software\Avast\libwaapi.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeDropped PE file which has not been started: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus_product.dllJump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDropped PE file which has not been started: C:\Program Files\Avast Software\Avast\RescueDisk\wxmsw315u_core_vc.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeDropped PE file which has not been started: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\aswOfferTool.exeJump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDropped PE file which has not been started: C:\Program Files\Avast Software\Avast\x86\snxhk.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDropped PE file which has not been started: C:\Program Files\Avast Software\Avast\x86\dnd_helper.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDropped PE file which has not been started: C:\Program Files\Avast Software\Avast\aswidpm.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDropped PE file which has not been started: C:\Program Files\Avast Software\Avast\RescueDisk\aswShMin.exe.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDropped PE file which has not been started: C:\Program Files\Avast Software\Avast\afwCoreClient.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDropped PE file which has not been started: C:\Program Files\Avast Software\Avast\libwalocal.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDropped PE file which has not been started: C:\Program Files\Avast Software\Avast\snxhk.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDropped PE file which has not been started: C:\Program Files\Avast Software\Avast\su_worker.exe.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeDropped PE file which has not been started: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_mod.dllJump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDropped PE file which has not been started: C:\Program Files\Avast Software\Avast\RescueDisk\wxbase315u_vc.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDropped PE file which has not been started: C:\Program Files\Avast Software\Avast\RescueDisk\aswPECommander.exe.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeDropped PE file which has not been started: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeJump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeDropped PE file which has not been started: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\dump_process.exeJump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDropped PE file which has not been started: C:\Program Files\Avast Software\Avast\Inf\x64\aswSnx.sys.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDropped PE file which has not been started: C:\Program Files\Avast Software\Avast\RescueDisk\aswPEBrowser.exe.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDropped PE file which has not been started: C:\Program Files\Avast Software\Avast\RescueDisk\aswPEShell.exe.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDropped PE file which has not been started: C:\Program Files\Avast Software\Avast\su_common.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDropped PE file which has not been started: C:\Program Files\Avast Software\Avast\afwRpc.dll.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeDropped PE file which has not been started: C:\Program Files\Avast Software\Avast\afwServ.exe.ipending.80cd7a23Jump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeDropped PE file which has not been started: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\bug_report.exeJump to dropped file
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeDropped PE file which has not been started: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\dump_process.exeJump to dropped file
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeDropped PE file which has not been started: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus_rvrt.exeJump to dropped file
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exe TID: 5564Thread sleep time: -30000s >= -30000s
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exe TID: 6928Thread sleep time: -90000s >= -30000s
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exe TID: 6644Thread sleep count: 33 > 30
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exe TID: 6868Thread sleep count: 53 > 30
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exe TID: 3364Thread sleep count: 68 > 30
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exe TID: 4364Thread sleep count: 44 > 30
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe TID: 2844Thread sleep count: 39 > 30
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeFile opened: PhysicalDrive0
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeFile Volume queried: unknown FullSizeInformation
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeFile Volume queried: C:\ FullSizeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeFile Volume queried: C:\ FullSizeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeFile Volume queried: C:\ FullSizeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeFile Volume queried: C:\ FullSizeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeProcess information queried: ProcessInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeProcess token adjusted: Debug
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeProcess token adjusted: Debug
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeProcess token adjusted: Debug
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeProcess token adjusted: Debug

HIPS / PFW / Operating System Protection Evasion

barindex
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeMemory allocated: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exe base: 21874DB0000 protect: page read and write
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeMemory written: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exe base: 21874DB0000
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeMemory written: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exe base: 4D343132D8
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeProcess created: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exe "C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exe" /cookie:mmm_ava_esg_000_361_m /ga_clientid:cbce59f8-4a2d-4f15-9a87-a1971e4ca5dc /edat_dir:C:\Windows\Temp\asw.b41a1a6fa5bb3a22 /geo:US
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeProcess created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exe C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exe /icarus-info-path:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\icarus-info.xml /install /cookie:mmm_ava_esg_000_361_m /edat_dir:C:\Windows\Temp\asw.b41a1a6fa5bb3a22 /geo:US /track-guid:cbce59f8-4a2d-4f15-9a87-a1971e4ca5dc /sssid:4800
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeProcess created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe /cookie:mmm_ava_esg_000_361_m /edat_dir:C:\Windows\Temp\asw.b41a1a6fa5bb3a22 /geo:US /track-guid:cbce59f8-4a2d-4f15-9a87-a1971e4ca5dc /sssid:4800 /er_master:master_ep_2338ab20-7757-44ff-a47c-bf7b68064677 /er_ui:ui_ep_bb3437a0-a0ec-43fc-be46-688788b809bb /er_slave:avast-av_slave_ep_5ee5cb36-6cb6-4d8e-82b4-8555143c26e4 /slave:avast-av
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeProcess created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exe C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exe /cookie:mmm_ava_esg_000_361_m /edat_dir:C:\Windows\Temp\asw.b41a1a6fa5bb3a22 /geo:US /track-guid:cbce59f8-4a2d-4f15-9a87-a1971e4ca5dc /sssid:4800 /er_master:master_ep_2338ab20-7757-44ff-a47c-bf7b68064677 /er_ui:ui_ep_bb3437a0-a0ec-43fc-be46-688788b809bb /er_slave:avast-av-vps_slave_ep_6501dd8f-66c5-4442-920f-c2eed9ef0f40 /slave:avast-av-vps
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeProcess created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exe c:\windows\temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exe /icarus-info-path:c:\windows\temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\icarus-info.xml /install /cookie:mmm_ava_esg_000_361_m /edat_dir:c:\windows\temp\asw.b41a1a6fa5bb3a22 /geo:us /track-guid:cbce59f8-4a2d-4f15-9a87-a1971e4ca5dc /sssid:4800
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeProcess created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exe c:\windows\temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exe /cookie:mmm_ava_esg_000_361_m /edat_dir:c:\windows\temp\asw.b41a1a6fa5bb3a22 /geo:us /track-guid:cbce59f8-4a2d-4f15-9a87-a1971e4ca5dc /sssid:4800 /er_master:master_ep_2338ab20-7757-44ff-a47c-bf7b68064677 /er_ui:ui_ep_bb3437a0-a0ec-43fc-be46-688788b809bb
Source: C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exeProcess created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exe c:\windows\temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exe /icarus-info-path:c:\windows\temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\icarus-info.xml /install /cookie:mmm_ava_esg_000_361_m /edat_dir:c:\windows\temp\asw.b41a1a6fa5bb3a22 /geo:us /track-guid:cbce59f8-4a2d-4f15-9a87-a1971e4ca5dc /sssid:4800
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeProcess created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe c:\windows\temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe /cookie:mmm_ava_esg_000_361_m /edat_dir:c:\windows\temp\asw.b41a1a6fa5bb3a22 /geo:us /track-guid:cbce59f8-4a2d-4f15-9a87-a1971e4ca5dc /sssid:4800 /er_master:master_ep_2338ab20-7757-44ff-a47c-bf7b68064677 /er_ui:ui_ep_bb3437a0-a0ec-43fc-be46-688788b809bb /er_slave:avast-av_slave_ep_5ee5cb36-6cb6-4d8e-82b4-8555143c26e4 /slave:avast-av
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeProcess created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exe c:\windows\temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exe /cookie:mmm_ava_esg_000_361_m /edat_dir:c:\windows\temp\asw.b41a1a6fa5bb3a22 /geo:us /track-guid:cbce59f8-4a2d-4f15-9a87-a1971e4ca5dc /sssid:4800 /er_master:master_ep_2338ab20-7757-44ff-a47c-bf7b68064677 /er_ui:ui_ep_bb3437a0-a0ec-43fc-be46-688788b809bb /er_slave:avast-av-vps_slave_ep_6501dd8f-66c5-4442-920f-c2eed9ef0f40 /slave:avast-av-vps
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeProcess created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe c:\windows\temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe /cookie:mmm_ava_esg_000_361_m /edat_dir:c:\windows\temp\asw.b41a1a6fa5bb3a22 /geo:us /track-guid:cbce59f8-4a2d-4f15-9a87-a1971e4ca5dc /sssid:4800 /er_master:master_ep_2338ab20-7757-44ff-a47c-bf7b68064677 /er_ui:ui_ep_bb3437a0-a0ec-43fc-be46-688788b809bb /er_slave:avast-av_slave_ep_5ee5cb36-6cb6-4d8e-82b4-8555143c26e4 /slave:avast-av
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeProcess created: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exe c:\windows\temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exe /cookie:mmm_ava_esg_000_361_m /edat_dir:c:\windows\temp\asw.b41a1a6fa5bb3a22 /geo:us /track-guid:cbce59f8-4a2d-4f15-9a87-a1971e4ca5dc /sssid:4800 /er_master:master_ep_2338ab20-7757-44ff-a47c-bf7b68064677 /er_ui:ui_ep_bb3437a0-a0ec-43fc-be46-688788b809bb /er_slave:avast-av-vps_slave_ep_6501dd8f-66c5-4442-920f-c2eed9ef0f40 /slave:avast-av-vps
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeRegistry key value queried: HKEY_LOCAL_MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeQueries volume information: C:\ProgramData\Avast Software\Icarus\Logs\icarus.log VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeQueries volume information: C:\ProgramData\Avast Software\Icarus\Logs\icarus.log VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeQueries volume information: C:\ProgramData\Avast Software\Icarus\Logs\event_manager.log VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeQueries volume information: C:\ProgramData\Avast Software\Icarus\Logs\event_manager.log VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeQueries volume information: C:\ProgramData\Avast Software\Icarus\Logs\event_manager.log VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeQueries volume information: C:\ProgramData\Avast Software\Icarus\Logs\icarus.log VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exeQueries volume information: C:\ProgramData\Avast Software\Icarus\Logs\icarus.log VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\verdana.ttf VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\bahnschrift.ttf VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\cambria.ttc VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\cambria.ttc VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\Candara.ttf VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\comic.ttf VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\constan.ttf VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\corbel.ttf VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\cour.ttf VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\ebrima.ttf VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\framd.ttf VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\Gabriola.ttf VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\gadugi.ttf VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\georgia.ttf VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\impact.ttf VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\Inkfree.ttf VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\javatext.ttf VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\LeelawUI.ttf VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\lucon.ttf VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\l_10646.ttf VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\malgun.ttf VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\himalaya.ttf VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\msjh.ttc VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\msjh.ttc VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\ntailu.ttf VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\phagspa.ttf VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\micross.ttf VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\taile.ttf VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\msyh.ttc VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\msyh.ttc VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\msyi.ttf VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\mingliub.ttc VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\mingliub.ttc VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\monbaiti.ttf VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\msgothic.ttc VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\msgothic.ttc VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\mvboli.ttf VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\mmrtext.ttf VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\Nirmala.ttf VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\Nirmala.ttf VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\tahoma.ttf VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\msyh.ttc VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\msyh.ttc VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\msyh.ttc VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\malgun.ttf VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\malgun.ttf VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\tahoma.ttf VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\msyh.ttc VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\msyh.ttc VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\malgun.ttf VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_ui.exeQueries volume information: C:\Windows\Fonts\segoeuib.ttf VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformation
Source: C:\Users\user\Downloads\avast_free_antivirus_setup_online.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid Accounts1
Command and Scripting Interpreter		1
Windows Service		1
Windows Service		33
Masquerading		OS Credential Dumping11
Security Software Discovery		Remote ServicesData from Local System2
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault Accounts1
Scheduled Task/Job		1
Scheduled Task/Job		211
Process Injection		121
Virtualization/Sandbox Evasion		LSASS Memory121
Virtualization/Sandbox Evasion		Remote Desktop ProtocolData from Removable Media2
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAt1
Registry Run Keys / Startup Folder		1
Scheduled Task/Job		211
Process Injection		Security Account Manager1
Process Discovery		SMB/Windows Admin SharesData from Network Shared Drive3
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCron1
DLL Side-Loading		1
Registry Run Keys / Startup Folder		1
DLL Side-Loading		NTDS1
Application Window Discovery		Distributed Component Object ModelInput CaptureProtocol ImpersonationTraffic DuplicationData Destruction
Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon Script1
DLL Side-Loading		1
Extra Window Memory Injection		LSA Secrets1
Remote System Discovery		SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC Scripts1
Extra Window Memory Injection		SteganographyCached Domain Credentials2
File and Directory Discovery		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup ItemsCompile After DeliveryDCSync33
System Information Discovery		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery

Screenshots

Download Video

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

No Antivirus matches

Dropped Files

SourceDetectionScannerLabelLink
C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exe0%ReversingLabs
C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exe0%ReversingLabs
C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\bug_report.exe0%ReversingLabs
C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\dump_process.exe0%ReversingLabs
C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus_rvrt.exe0%ReversingLabs
C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\aswOfferTool.exe0%ReversingLabs
C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus_product.dll0%ReversingLabs
C:\Program Files\Avast Software\Avast\Inf\x64\aswSnx.sys.ipending.80cd7a230%ReversingLabs
C:\Program Files\Avast Software\Avast\RescueDisk\aswPEAntivirus.exe.ipending.80cd7a230%ReversingLabs
C:\Program Files\Avast Software\Avast\RescueDisk\aswPECommander.exe.ipending.80cd7a230%ReversingLabs
C:\Program Files\Avast Software\Avast\RescueDisk\aswRegLib.dll.ipending.80cd7a230%ReversingLabs
C:\Program Files\Avast Software\Avast\RescueDisk\aswShMin.exe.ipending.80cd7a230%ReversingLabs
C:\Program Files\Avast Software\Avast\RescueDisk\wxbase315u_vc.dll.ipending.80cd7a230%ReversingLabs
C:\Program Files\Avast Software\Avast\libwaapi.dll.ipending.80cd7a230%ReversingLabs
C:\Program Files\Avast Software\Avast\libwaheap.dll.ipending.80cd7a230%ReversingLabs
C:\Program Files\Avast Software\Avast\libwalocal.dll.ipending.80cd7a230%ReversingLabs
C:\Program Files\Avast Software\Avast\snxhk.dll.ipending.80cd7a230%ReversingLabs
C:\Program Files\Avast Software\Avast\su_common.dll.ipending.80cd7a230%ReversingLabs
C:\Program Files\Avast Software\Avast\wa_3rd_party_host_32.exe.ipending.80cd7a230%ReversingLabs
C:\Program Files\Avast Software\Avast\x86\snxhk.dll.ipending.80cd7a230%ReversingLabs
C:\Program Files\Avast Software\Avast\RescueDisk\aswPEBrowser.exe.ipending.80cd7a230%ReversingLabs
C:\Program Files\Avast Software\Avast\RescueDisk\aswPEShell.exe.ipending.80cd7a230%ReversingLabs
C:\Program Files\Avast Software\Avast\RescueDisk\wxmsw315u_core_vc.dll.ipending.80cd7a230%ReversingLabs
C:\Program Files\Avast Software\Avast\afwCoreClient.dll.ipending.80cd7a230%ReversingLabs
C:\Program Files\Avast Software\Avast\afwRpc.dll.ipending.80cd7a230%ReversingLabs
C:\Program Files\Avast Software\Avast\aswidpm.dll.ipending.80cd7a230%ReversingLabs
C:\Program Files\Avast Software\Avast\libwaresource.dll.ipending.80cd7a230%ReversingLabs
C:\Program Files\Avast Software\Avast\libwautils.dll.ipending.80cd7a230%ReversingLabs
C:\Program Files\Avast Software\Avast\libwavmodapi.dll.ipending.80cd7a230%ReversingLabs
C:\Program Files\Avast Software\Avast\su_adapter.dll.ipending.80cd7a230%ReversingLabs
C:\Program Files\Avast Software\Avast\su_worker.exe.ipending.80cd7a230%ReversingLabs
C:\Program Files\Avast Software\Avast\wa_3rd_party_host_64.exe.ipending.80cd7a230%ReversingLabs
C:\Program Files\Avast Software\Avast\x86\dnd_helper.dll.ipending.80cd7a230%ReversingLabs

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
dart.l.doubleclick.net
216.58.206.70
truefalse
    		unknown
    s-part-0044.t-0009.fb-t-msedge.net
    		13.107.253.72
    		truefalse
      		unknown
      privacyportal-de.onetrust.com
      		172.64.155.119
      		truefalse
        		unknown
        ip-info-gcp.ff.avast.com
        		34.111.175.102
        		truefalse
          		unknown
          adservice.google.com
          		172.217.16.194
          		truefalse
            		unknown
            fp2e7a.wpc.phicdn.net
            		192.229.221.95
            		truefalse
              		unknown
              stats.g.doubleclick.net
              		74.125.133.154
              		truefalse
                		unknown
                www.upsellit.com
                		34.117.39.58
                		truefalse
                  		unknown
                  scontent.xx.fbcdn.net
                  		157.240.251.9
                  		truefalse
                    		unknown
                    script.hotjar.com
                    		13.33.187.109
                    		truefalse
                      		unknown
                      www.google.com
                      		142.250.185.100
                      		truefalse
                        		unknown
                        dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.com
                        		34.249.54.253
                        		truefalse
                          		unknown
                          static-cdn.hotjar.com
                          		18.66.102.11
                          		truefalse
                            		unknown
                            star-mini.c10r.facebook.com
                            		157.240.253.35
                            		truefalse
                              		unknown
                              ipm-gcp-prod.ff.avast.com
                              		34.111.24.1
                              		truefalse
                                		unknown
                                ad.doubleclick.net
                                		142.250.185.230
                                		truefalse
                                  		unknown
                                  s-part-0017.t-0009.fb-t-msedge.net
                                  		13.107.253.45
                                  		truefalse
                                    		unknown
                                    analytics-prod-gcp.ff.avast.com
                                    		34.117.223.223
                                    		truefalse
                                      		unknown
                                      ax-0001.ax-msedge.net
                                      		150.171.28.10
                                      		truefalse
                                        		unknown
                                        bg.microsoft.map.fastly.net
                                        		199.232.210.172
                                        		truefalse
                                          		unknown
                                          analytics-alv.google.com
                                          		216.239.38.181
                                          		truefalse
                                            		unknown
                                            googleads.g.doubleclick.net
                                            		172.217.16.130
                                            		truefalse
                                              		unknown
                                              cchridx27a.data.adobedc.net
                                              		63.140.62.27
                                              		truefalse
                                                		unknown
                                                shepherd-gcp.ff.avast.com
                                                		34.160.176.28
                                                		truefalse
                                                  		unknown
                                                  mstatic.avast.com
                                                  		20.50.2.44
                                                  		truefalse
                                                    		unknown
                                                    td.doubleclick.net
                                                    		142.250.184.226
                                                    		truefalse
                                                      		unknown
                                                      analytics.google.com
                                                      		172.217.18.14
                                                      		truefalse
                                                        		unknown
                                                        cdn.cookielaw.org
                                                        		104.18.87.42
                                                        		truefalse
                                                          		unknown
                                                          geolocation.onetrust.com
                                                          		172.64.155.119
                                                          		truefalse
                                                            		unknown
                                                            www.avast.com
                                                            		unknown
                                                            		unknownfalse
                                                              		unknown
                                                              bits.avcdn.net
                                                              		unknown
                                                              		unknownfalse
                                                                		unknown
                                                                s.go-mpulse.net
                                                                		unknown
                                                                		unknownfalse
                                                                  		unknown
                                                                  static.avast.com
                                                                  		unknown
                                                                  		unknownfalse
                                                                    		unknown
                                                                    siteintercept.qualtrics.com
                                                                    		unknown
                                                                    		unknownfalse
                                                                      		unknown
                                                                      cm.everesttech.net
                                                                      		unknown
                                                                      		unknownfalse
                                                                        		unknown
                                                                        baxhwiicct2ykzynbcxq-pm29i0-907b0ec03-clientnsv4-s.akamaihd.net
                                                                        		unknown
                                                                        		unknownfalse
                                                                          		unknown
                                                                          v7event.stats.avast.com
                                                                          		unknown
                                                                          		unknownfalse
                                                                            		unknown
                                                                            static.hotjar.com
                                                                            		unknown
                                                                            		unknownfalse
                                                                              		unknown
                                                                              trial-eum-clientnsv4-s.akamaihd.net
                                                                              		unknown
                                                                              		unknownfalse
                                                                                		unknown
                                                                                shepherd.avcdn.net
                                                                                		unknown
                                                                                		unknownfalse
                                                                                  		unknown
                                                                                  www.nortonlifelock.com
                                                                                  		unknown
                                                                                  		unknownfalse
                                                                                    		unknown
                                                                                    684dd325.akstat.io
                                                                                    		unknown
                                                                                    		unknownfalse
                                                                                      		unknown
                                                                                      206.23.85.13.in-addr.arpa
                                                                                      		unknown
                                                                                      		unknownfalse
                                                                                        		unknown
                                                                                        dpm.demdex.net
                                                                                        		unknown
                                                                                        		unknownfalse
                                                                                          		unknown
                                                                                          analytics.avcdn.net
                                                                                          		unknown
                                                                                          		unknownfalse
                                                                                            		unknown
                                                                                            4711400.fls.doubleclick.net
                                                                                            		unknown
                                                                                            		unknownfalse
                                                                                              		unknown
                                                                                              honzik.avcdn.net
                                                                                              		unknown
                                                                                              		unknownfalse
                                                                                                		unknown
                                                                                                analytics.ff.avast.com
                                                                                                		unknown
                                                                                                		unknownfalse
                                                                                                  		unknown
                                                                                                  www.facebook.com
                                                                                                  		unknown
                                                                                                  		unknownfalse
                                                                                                    		unknown
                                                                                                    8-46-123-33_s-2-16-164-88_ts-1728907439-clienttons-s.akamaihd.net
                                                                                                    		unknown
                                                                                                    		unknownfalse
                                                                                                      		unknown
                                                                                                      assets.adobedtm.com
                                                                                                      		unknown
                                                                                                      		unknownfalse
                                                                                                        		unknown
                                                                                                        trial-eum-clienttons-s.akamaihd.net
                                                                                                        		unknown
                                                                                                        		unknownfalse
                                                                                                          		unknown
                                                                                                          znb3hblkjhhpwrz9k-gendigital.siteintercept.qualtrics.com
                                                                                                          		unknown
                                                                                                          		unknownfalse
                                                                                                            		unknown
                                                                                                            oms.avast.com
                                                                                                            		unknown
                                                                                                            		unknownfalse
                                                                                                              		unknown
                                                                                                              connect.facebook.net
                                                                                                              		unknown
                                                                                                              		unknownfalse
                                                                                                                		unknown
                                                                                                                ipm.avcdn.net
                                                                                                                		unknown
                                                                                                                		unknownfalse
                                                                                                                  		unknown
                                                                                                                  symantec.demdex.net
                                                                                                                  		unknown
                                                                                                                  		unknownfalse
                                                                                                                    		unknown
                                                                                                                    mhubc.avast.com
                                                                                                                    		unknown
                                                                                                                    		unknownfalse
                                                                                                                      		unknown
                                                                                                                      c.go-mpulse.net
                                                                                                                      		unknown
                                                                                                                      		unknownfalse
                                                                                                                        		unknown
                                                                                                                        ip-info.ff.avast.com
                                                                                                                        		unknown
                                                                                                                        		unknownfalse
                                                                                                                          		unknown
                                                                                                                          static3.avast.com
                                                                                                                          		unknown
                                                                                                                          		unknownfalse
                                                                                                                            		unknown

                                                                                                                            Contacted URLs

                                                                                                                            NameMaliciousAntivirus DetectionReputation
                                                                                                                            https://www.avast.com/en-us/lp-safe-emailing?full_trSrc=mmm_ava_esg_000_361_m&utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail#pcfalse
                                                                                                                              		unknown

                                                                                                                              World Map of Contacted IPs

                                                                                                                              • No. of IPs < 25%
                                                                                                                              • 25% < No. of IPs < 50%
                                                                                                                              • 50% < No. of IPs < 75%
                                                                                                                              • 75% < No. of IPs

                                                                                                                              Public IPs

                                                                                                                              IPDomainCountryFlagASNASN NameMalicious
                                                                                                                              34.111.24.1
                                                                                                                              		ipm-gcp-prod.ff.avast.comUnited States
                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                              18.66.102.11
                                                                                                                              		static-cdn.hotjar.comUnited States
                                                                                                                              		3MIT-GATEWAYSUSfalse
                                                                                                                              184.27.96.174
                                                                                                                              		unknownUnited States
                                                                                                                              		7016CCCH-3USfalse
                                                                                                                              2.20.245.133
                                                                                                                              		unknownEuropean Union
                                                                                                                              		20940AKAMAI-ASN1EUfalse
                                                                                                                              142.250.185.100
                                                                                                                              		www.google.comUnited States
                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                              104.18.32.137
                                                                                                                              		unknownUnited States
                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                              142.250.185.142
                                                                                                                              		unknownUnited States
                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                              142.250.184.226
                                                                                                                              		td.doubleclick.netUnited States
                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                              199.232.210.172
                                                                                                                              		bg.microsoft.map.fastly.netUnited States
                                                                                                                              		54113FASTLYUSfalse
                                                                                                                              2.19.225.229
                                                                                                                              		unknownEuropean Union
                                                                                                                              		16625AKAMAI-ASUSfalse
                                                                                                                              142.250.185.66
                                                                                                                              		unknownUnited States
                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                              104.18.87.42
                                                                                                                              		cdn.cookielaw.orgUnited States
                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                              20.50.2.44
                                                                                                                              		mstatic.avast.comUnited States
                                                                                                                              		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                              172.217.18.6
                                                                                                                              		unknownUnited States
                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                              34.249.54.253
                                                                                                                              		dcs-public-edge-irl1-150041215.eu-west-1.elb.amazonaws.comUnited States
                                                                                                                              		16509AMAZON-02USfalse
                                                                                                                              172.64.155.119
                                                                                                                              		privacyportal-de.onetrust.comUnited States
                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                              13.107.253.72
                                                                                                                              		s-part-0044.t-0009.fb-t-msedge.netUnited States
                                                                                                                              		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                              239.255.255.250
                                                                                                                              		unknownReserved
                                                                                                                              		unknownunknownfalse
                                                                                                                              142.250.185.230
                                                                                                                              		ad.doubleclick.netUnited States
                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                              23.201.240.55
                                                                                                                              		unknownUnited States
                                                                                                                              		16625AKAMAI-ASUSfalse
                                                                                                                              172.217.16.194
                                                                                                                              		adservice.google.comUnited States
                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                              157.240.253.35
                                                                                                                              		star-mini.c10r.facebook.comUnited States
                                                                                                                              		32934FACEBOOKUSfalse
                                                                                                                              13.33.187.109
                                                                                                                              		script.hotjar.comUnited States
                                                                                                                              		16509AMAZON-02USfalse
                                                                                                                              104.17.208.240
                                                                                                                              		unknownUnited States
                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                              172.217.16.195
                                                                                                                              		unknownUnited States
                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                              18.66.102.51
                                                                                                                              		unknownUnited States
                                                                                                                              		3MIT-GATEWAYSUSfalse
                                                                                                                              142.250.186.104
                                                                                                                              		unknownUnited States
                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                              216.239.34.178
                                                                                                                              		unknownUnited States
                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                              34.248.235.56
                                                                                                                              		unknownUnited States
                                                                                                                              		16509AMAZON-02USfalse
                                                                                                                              216.58.206.70
                                                                                                                              		dart.l.doubleclick.netUnited States
                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                              2.16.164.104
                                                                                                                              		unknownEuropean Union
                                                                                                                              		20940AKAMAI-ASN1EUfalse
                                                                                                                              142.250.185.206
                                                                                                                              		unknownUnited States
                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                              74.125.133.154
                                                                                                                              		stats.g.doubleclick.netUnited States
                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                              23.211.8.45
                                                                                                                              		unknownUnited States
                                                                                                                              		16625AKAMAI-ASUSfalse
                                                                                                                              172.217.18.14
                                                                                                                              		analytics.google.comUnited States
                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                              184.28.89.29
                                                                                                                              		unknownUnited States
                                                                                                                              		16625AKAMAI-ASUSfalse
                                                                                                                              104.17.209.240
                                                                                                                              		unknownUnited States
                                                                                                                              		13335CLOUDFLARENETUSfalse
                                                                                                                              216.239.38.181
                                                                                                                              		analytics-alv.google.comUnited States
                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                              216.58.206.36
                                                                                                                              		unknownUnited States
                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                              63.140.62.27
                                                                                                                              		cchridx27a.data.adobedc.netUnited States
                                                                                                                              		15224OMNITUREUSfalse
                                                                                                                              2.16.164.88
                                                                                                                              		unknownEuropean Union
                                                                                                                              		20940AKAMAI-ASN1EUfalse
                                                                                                                              172.217.23.98
                                                                                                                              		unknownUnited States
                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                              150.171.28.10
                                                                                                                              		ax-0001.ax-msedge.netUnited States
                                                                                                                              		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                              34.117.39.58
                                                                                                                              		www.upsellit.comUnited States
                                                                                                                              		139070GOOGLE-AS-APGoogleAsiaPacificPteLtdSGfalse
                                                                                                                              172.217.18.10
                                                                                                                              		unknownUnited States
                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                              2.19.224.118
                                                                                                                              		unknownEuropean Union
                                                                                                                              		16625AKAMAI-ASUSfalse
                                                                                                                              142.250.184.200
                                                                                                                              		unknownUnited States
                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                              23.211.8.128
                                                                                                                              		unknownUnited States
                                                                                                                              		16625AKAMAI-ASUSfalse
                                                                                                                              2.23.196.132
                                                                                                                              		unknownEuropean Union
                                                                                                                              		1273CWVodafoneGroupPLCEUfalse
                                                                                                                              34.111.175.102
                                                                                                                              		ip-info-gcp.ff.avast.comUnited States
                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                              172.217.16.206
                                                                                                                              		unknownUnited States
                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                              2.16.238.146
                                                                                                                              		unknownEuropean Union
                                                                                                                              		20940AKAMAI-ASN1EUfalse
                                                                                                                              13.107.253.45
                                                                                                                              		s-part-0017.t-0009.fb-t-msedge.netUnited States
                                                                                                                              		8068MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                              52.19.196.164
                                                                                                                              		unknownUnited States
                                                                                                                              		16509AMAZON-02USfalse
                                                                                                                              142.250.185.132
                                                                                                                              		unknownUnited States
                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                              34.160.176.28
                                                                                                                              		shepherd-gcp.ff.avast.comUnited States
                                                                                                                              		2686ATGS-MMD-ASUSfalse
                                                                                                                              34.252.167.206
                                                                                                                              		unknownUnited States
                                                                                                                              		16509AMAZON-02USfalse
                                                                                                                              150.171.27.10
                                                                                                                              		unknownUnited States
                                                                                                                              		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                              157.240.251.9
                                                                                                                              		scontent.xx.fbcdn.netUnited States
                                                                                                                              		32934FACEBOOKUSfalse
                                                                                                                              142.250.181.227
                                                                                                                              		unknownUnited States
                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                              34.117.223.223
                                                                                                                              		analytics-prod-gcp.ff.avast.comUnited States
                                                                                                                              		139070GOOGLE-AS-APGoogleAsiaPacificPteLtdSGfalse
                                                                                                                              64.233.167.84
                                                                                                                              		unknownUnited States
                                                                                                                              		15169GOOGLEUSfalse
                                                                                                                              104.102.54.39
                                                                                                                              		unknownUnited States
                                                                                                                              		16625AKAMAI-ASUSfalse
                                                                                                                              192.229.221.95
                                                                                                                              		fp2e7a.wpc.phicdn.netUnited States
                                                                                                                              		15133EDGECASTUSfalse
                                                                                                                              172.217.16.130
                                                                                                                              		googleads.g.doubleclick.netUnited States
                                                                                                                              		15169GOOGLEUSfalse

                                                                                                                              Private

                                                                                                                              IP
                                                                                                                              192.168.2.8
                                                                                                                              192.168.2.7
                                                                                                                              192.168.2.16

                                                                                                                              General Information

                                                                                                                              Joe Sandbox version:41.0.0 Charoite
                                                                                                                              Analysis ID:1533181
                                                                                                                              Start date and time:2024-10-14 14:03:04 +02:00
                                                                                                                              Joe Sandbox product:CloudBasic
                                                                                                                              Overall analysis duration:
                                                                                                                              Hypervisor based Inspection enabled:false
                                                                                                                              Report type:full
                                                                                                                              Cookbook file name:defaultwindowsinteractivecookbook.jbs
                                                                                                                              Sample URL:https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail
                                                                                                                              Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                              Number of analysed new started processes analysed:18
                                                                                                                              Number of new started drivers analysed:0
                                                                                                                              Number of existing processes analysed:0
                                                                                                                              Number of existing drivers analysed:0
                                                                                                                              Number of injected processes analysed:0
                                                                                                                              Technologies:
                                                                                                                              • EGA enabled
                                                                                                                              Analysis Mode:stream
                                                                                                                              Analysis stop reason:Timeout
                                                                                                                              Detection:MAL
                                                                                                                              Classification:mal52.evad.win@33/174@158/517
                                                                                                                              • Exclude process from analysis (whitelisted): SgrmBroker.exe, svchost.exe
                                                                                                                              • Excluded IPs from analysis (whitelisted): 142.250.181.227, 142.250.185.142, 64.233.167.84, 2.19.225.229, 34.104.35.123, 104.102.54.39, 23.211.8.45, 142.250.186.104, 2.23.196.132, 184.28.89.29, 2.19.224.118, 34.252.167.206, 34.255.61.41, 52.18.168.199, 142.250.184.200, 184.27.96.174, 172.217.18.10, 142.250.186.138, 216.58.206.74, 142.250.185.234, 172.217.16.202, 142.250.186.42, 142.250.186.74, 142.250.184.202, 142.250.181.234, 142.250.184.234, 142.250.186.106, 142.250.185.170, 216.58.212.170, 142.250.186.170, 142.250.74.202, 142.250.185.202, 142.250.185.206
                                                                                                                              • Excluded domains from analysis (whitelisted): e8647.dsca.akamaiedge.net, azurefd-t-fb-prod.trafficmanager.net, slscr.update.microsoft.com, e13074.dsca.akamaiedge.net, cn-assets.adobedtm.com.edgekey.net, clientservices.googleapis.com, reserved-g01.afd.azureedge.net, static3.avast.com.edgekey.net, avastmhubc.afd.azureedge.net, clients2.google.com, www.googletagmanager.com, e4117.dsca.akamaiedge.net, bat.bing.com, e4518.dscx.akamaiedge.net, www.google-analytics.com, ip46.go-mpulse.net.edgekey.net, static.avast.com.edgekey.net, accounts.google.com, avastmhubc.azureedge.net, content-autofill.googleapis.com, cm.everesttech.net.akadns.net, www.nortonlifelock.com.edgekey.net, star-t-g.trafficmanager.net, fe3cr.delivery.mp.microsoft.com, e4518.dscapi7.akamaiedge.net, edgedl.me.gvt1.com, e7808.dscg.akamaiedge.net, wildcard46.go-mpulse.net.edgekey.net, www.avast.com-2.edgekey.net, clients.l.google.com
                                                                                                                              • Not all processes where analyzed, report is missing behavior information
                                                                                                                              • Report size getting too big, too many NtCreateFile calls found.
                                                                                                                              • Report size getting too big, too many NtDeviceIoControlFile calls found.
                                                                                                                              • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                              • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                              • Report size getting too big, too many NtQueryAttributesFile calls found.
                                                                                                                              • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                              • VT rate limit hit for: https://www.avast.com/sig-email?utm_medium=email&amp;utm_source=link&amp;utm_campaign=sig-email&amp;utm_content=webmail

                                                                                                                              LLM Input / Output

                                                                                                                              InputOutput
                                                                                                                              URL: https://www.avast.com/en-us/lp-safe-emailing?full_trSrc=mmm_ava_esg_000_361_m&utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail#pc Model: claude-3-haiku-20240307
                                                                                                                              ```json
{
  "contains_trigger_text": true,
  "trigger_text": "That funny pic your friend just forwarded to you? It could be hiding a virus. Thankfully, Avast automatically scans all your email attachments to protect your PC - and everything on it - from viruses and malware.",
  "prominent_button_name": "unknown",
  "text_input_field_labels": "unknown",
  "pdf_icon_visible": false,
  "has_visible_captcha": false,
  "has_urgent_text": true,
  "has_visible_qrcode": false
}
                                                                                                                              URL: https://www.avast.com/en-us/lp-safe-emailing?full_trSrc=mmm_ava_esg_000_361_m&utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail#pc Model: claude-3-haiku-20240307
                                                                                                                              ```json
{
  "brands": [
    "Avast"
  ]
}
                                                                                                                              URL: https://www.avast.com/en-us/lp-safe-emailing?full_trSrc=mmm_ava_esg_000_361_m&utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail#pc Model: jbxai
                                                                                                                              {
"brands":["Avast"],
"text":"Avast makes emailing safe",
"contains_trigger_text":true,
"trigger_text":"INSTALL FREE",
"prominent_button_name":"INSTALL FREE",
"text_input_field_labels":"unknown",
"pdf_icon_visible":false,
"has_visible_captcha":false,
"has_urgent_text":true,
"has_visible_qrcode":false}
                                                                                                                              URL: https://www.avast.com/en-us/lp-safe-emailing?full_trSrc=mmm_ava_esg_000_361_m&utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail#pc Model: jbxai
                                                                                                                              {
"brands":["Avast"],
"text":"Attachments can be dangerous. That funny pic your friend just forwarded to you? It could be hiding a virus. Thankfully,
 Avast automatically scans all your email attachments to protect your PC - and everything on it - from viruses and malware.",
"contains_trigger_text":true,
"trigger_text":"Attachments can be dangerous",
"prominent_button_name":"OK",
"text_input_field_labels":"unknown",
"pdf_icon_visible":false,
"has_visible_captcha":false,
"has_urgent_text":false,
"has_visible_qrcode":false}
                                                                                                                              URL: https://www.avast.com/en-us/lp-safe-emailing?full_trSrc=mmm_ava_esg_000_361_m&utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail#pc Model: jbxai
                                                                                                                              {
"brands":["Avast"],
"text":"Attachments can be dangerous That funny pic your friend just forwarded to you? It could be hiding a virus. Thankfully,
 Avast automatically scans all your email attachments to protect your PC - and everything on it - from viruses and malware.",
"contains_trigger_text":true,
"trigger_text":"Attachments can be dangerous",
"prominent_button_name":"OK",
"text_input_field_labels":["Globi"],
"pdf_icon_visible":false,
"has_visible_captcha":false,
"has_urgent_text":false,
"has_visible_qrcode":false}
                                                                                                                              URL: https://www.avast.com/en-us/lp-safe-emailing?full_trSrc=mmm_ava_esg_000_361_m&utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail#pc Model: jbxai
                                                                                                                              {
"brands":["Avast"],
"text":"Attachments can be dangerous That funny pic your friend just forwarded to you? It could be hiding a virus. Thankfully,
 Avast automatically scans all your email attachments to protect your PC - and everything on it - from viruses and malware. Don't let hackers hijack your email Hackers can compromise your email,
 and harvest your friends' or family's email addresses. Don't be the one to spread the bad stuff to your contacts - even unintentionally.",
"contains_trigger_text":true,
"trigger_text":"Attachments can be dangerous That funny pic your friend just forwarded to you? It could be hiding a virus. Thankfully,
 Avast automatically scans all your email attachments to protect your PC - and everything on it - from viruses and malware. Don't let hackers hijack your email Hackers can compromise your email,
 and harvest your friends' or family's email addresses. Don't be the one to spread the bad stuff to your contacts - even unintentionally.",
"prominent_button_name":"unknown",
"text_input_field_labels":"unknown",
"pdf_icon_visible":false,
"has_visible_captcha":false,
"has_urgent_text":false,
"has_visible_qrcode":false}
                                                                                                                              URL: https://www.avast.com/en-us/lp-safe-emailing?full_trSrc=mmm_ava_esg_000_361_m&utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail#pc Model: claude-3-haiku-20240307
                                                                                                                              ```json
{
  "contains_trigger_text": true,
  "trigger_text": "Don't let hackers",
  "prominent_button_name": "OK",
  "text_input_field_labels": "unknown",
  "pdf_icon_visible": false,
  "has_visible_captcha": false,
  "has_urgent_text": false,
  "has_visible_qrcode": false
}
                                                                                                                              URL: https://www.avast.com/en-us/lp-safe-emailing?full_trSrc=mmm_ava_esg_000_361_m&utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail#pc Model: claude-3-haiku-20240307
                                                                                                                              ```json
{
  "contains_trigger_text": true,
  "trigger_text": "Let Avast scan everything you download from your incoming messages, so you don't have to worry about opening them.",
  "prominent_button_name": "INSTALL FREE",
  "text_input_field_labels": "unknown",
  "pdf_icon_visible": false,
  "has_visible_captcha": false,
  "has_urgent_text": false,
  "has_visible_qrcode": false
}
                                                                                                                              URL: https://www.avast.com/en-us/lp-safe-emailing?full_trSrc=mmm_ava_esg_000_361_m&utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail#pc Model: claude-3-haiku-20240307
                                                                                                                              ```json
{
  "brands": [
    "Avast"
  ]
}
                                                                                                                              URL: https://www.avast.com/en-us/lp-safe-emailing?full_trSrc=mmm_ava_esg_000_361_m&utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail#pc Model: claude-3-haiku-20240307
                                                                                                                              ```json
{
  "contains_trigger_text": true,
  "trigger_text": "Complete installation by clicking your downloaded file and following the instructions.",
  "prominent_button_name": "unknown",
  "text_input_field_labels": "unknown",
  "pdf_icon_visible": false,
  "has_visible_captcha": false,
  "has_urgent_text": false,
  "has_visible_qrcode": false
}
                                                                                                                              URL: https://www.avast.com/en-us/lp-safe-emailing?full_trSrc=mmm_ava_esg_000_361_m&utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail#pc Model: claude-3-haiku-20240307
                                                                                                                              ```json
{
  "brands": [
    "Avast"
  ]
}
                                                                                                                              URL: https://www.avast.com/en-us/lp-safe-emailing?full_trSrc=mmm_ava_esg_000_361_m&utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail#pc Model: claude-3-haiku-20240307
                                                                                                                              ```json
{
  "brands": []
}
                                                                                                                              URL: https://www.avast.com/en-us/lp-safe-emailing?full_trSrc=mmm_ava_esg_000_361_m&utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail#pc Model: jbxai
                                                                                                                              {
"brands":["Avast"],
"text":"Avast makes emailing safe",
"contains_trigger_text":true,
"trigger_text":"INSTALL FREE",
"prominent_button_name":"INSTALL FREE",
"text_input_field_labels":"unknown",
"pdf_icon_visible":false,
"has_visible_captcha":false,
"has_urgent_text":false,
"has_visible_qrcode":false}
                                                                                                                              URL: https://www.avast.com/en-us/lp-safe-emailing?full_trSrc=mmm_ava_esg_000_361_m&utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail#pc Model: jbxai
                                                                                                                              {
"brands":[],
"text":"Almost done!",
"contains_trigger_text":true,
"trigger_text":"Complete installation by clicking your downloaded file and following the instructions.",
"prominent_button_name":"Initiating download...",
"text_input_field_labels":"unknown",
"pdf_icon_visible":false,
"has_visible_captcha":false,
"has_urgent_text":false,
"has_visible_qrcode":false}
                                                                                                                              URL: https://www.avast.com/en-us/lp-safe-emailing?full_trSrc=mmm_ava_esg_000_361_m&utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail#pc Model: jbxai
                                                                                                                              {
"brands":[],
"text":"Almost done!",
"contains_trigger_text":true,
"trigger_text":"Complete installation by clicking your downloaded file and following the instructions.",
"prominent_button_name":"click here",
"text_input_field_labels":"unknown",
"pdf_icon_visible":false,
"has_visible_captcha":false,
"has_urgent_text":false,
"has_visible_qrcode":false}
                                                                                                                              URL: https://www.avast.com/en-us/lp-safe-emailing?full_trSrc=mmm_ava_esg_000_361_m&utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail#pc Model: jbxai
                                                                                                                              {
"brands":["Avast"],
"text":"That funny pic your friend just forwarded to you? It could be hiding a virus. Thankfully,
 Avast automatically scans all your email attachments to protect your PC - and everything on it - from viruses and malware.",
"contains_trigger_text":false,
"trigger_text":"",
"prominent_button_name":"OK",
"text_input_field_labels":"unknown",
"pdf_icon_visible":false,
"has_visible_captcha":false,
"has_urgent_text":false,
"has_visible_qrcode":false}

                                                                                                                              Created / dropped Files

                                                                                                                              C:\Program Files\Avast Software\Avast\2057\aswClnTg.htm.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:HTML document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):1398
                                                                                                                              Entropy (8bit):3.6209554256910623
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:C7A35408CC146B5F93F8D914F59BA6AC
                                                                                                                              SHA1:9AC0FBE12471F28B0EEEB32D54AFD2A8CC8567EC
                                                                                                                              SHA-256:AF5F3E8445E6ADBE332DAFDB20E917C91E8012ABE650953A9F9F01479ED7348F
                                                                                                                              SHA-512:A531DB71EDB795B2C56F16A1272586571805F446FB56C6D1EF7DC5A90AA0CABE6481A4F6B69BB13DF1D8A920F94735DAF68A91247A15C0686C8876D02F21508D
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:..<.h.t.m.l.>.....<.b.r. ./.>.<.b.r. ./.>.....<.h.r. .s.t.y.l.e.=.'.b.o.r.d.e.r.:.n.o.n.e.;. .c.o.l.o.r.:.#.9.0.9.0.9.0.;. .b.a.c.k.g.r.o.u.n.d.-.c.o.l.o.r.:.#.B.0.B.0.B.0.;. .h.e.i.g.h.t.:. .1.p.x.;. .w.i.d.t.h.:. .9.9.%.;.'. ./.>.....<.t.a.b.l.e. .s.t.y.l.e.=.'.b.o.r.d.e.r.-.c.o.l.l.a.p.s.e.:.c.o.l.l.a.p.s.e.;.b.o.r.d.e.r.:.n.o.n.e.;.'.>.......<.t.r.>.........<.t.d. .s.t.y.l.e.=.'.b.o.r.d.e.r.:.n.o.n.e.;.p.a.d.d.i.n.g.:.0.p.x. .1.5.p.x. .0.p.x. .8.p.x.'.>...........<.a. .h.r.e.f.=.".h.t.t.p.s.:././.w.w.w...a.v.a.s.t...c.o.m./.a.n.t.i.v.i.r.u.s.".>.............<.i.m.g. .b.o.r.d.e.r.=.0. .s.r.c.=.".h.t.t.p.:././.s.t.a.t.i.c...a.v.a.s.t...c.o.m./.e.m.a.i.l.s./.a.v.a.s.t.-.m.a.i.l.-.s.t.a.m.p...p.n.g.". .a.l.t.=.".A.v.a.s.t. .l.o.g.o.". ./.>...........<./.a.>.........<./.t.d.>.........<.t.d.>...........<.p. .s.t.y.l.e.=.'.c.o.l.o.r.:.#.3.d.4.d.5.a.;. .f.o.n.t.-.f.a.m.i.l.y.:.".C.a.l.i.b.r.i.".,.".V.e.r.d.a.n.a.".,.".A.r.i.a.l.".,.".H.e.l.v.e.t.i.c.a.".;. .f.o.n.t.-.s.i.z.e.:.1.2.p.t.;.'.

                                                                                                                              C:\Program Files\Avast Software\Avast\2057\aswClnTg.txt.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):226
                                                                                                                              Entropy (8bit):3.3262890495909696
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:198AA55535E9EE98BD9BC44CEAB7FE8D
                                                                                                                              SHA1:4071DCF0CA35A616658B55491E6C5738A60FA8A5
                                                                                                                              SHA-256:FF6B0293D71E1A5C58145D014AD51F28EFB92681DDD8BEA062117C0A00749AC0
                                                                                                                              SHA-512:3CE43A088EE34949F2231B13E2ED6EC32E12BE06A64BD2978E157958FFB7A206BF1E0CE62780E6C795B5D2E520C7598EBC23671784A67B865591376D39922AC7
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:..........-.-. .....T.h.i.s. .e.m.a.i.l. .h.a.s. .b.e.e.n. .c.h.e.c.k.e.d. .f.o.r. .v.i.r.u.s.e.s. .b.y. .A.v.a.s.t. .a.n.t.i.v.i.r.u.s. .s.o.f.t.w.a.r.e.......h.t.t.p.s.:././.w.w.w...a.v.a.s.t...c.o.m./.a.n.t.i.v.i.r.u.s.....

                                                                                                                              C:\Program Files\Avast Software\Avast\2057\aswInfTg.htm.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:HTML document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):1282
                                                                                                                              Entropy (8bit):3.779841394981718
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:772C0FA62423F63AE6C05BED49896C6D
                                                                                                                              SHA1:1C6DCD18990515DAF57F0C0C7F08B8E47C234F7C
                                                                                                                              SHA-256:92FD70EB12EFF26FC1BC86D7D75A42529B3DD09D2F3C9174493FCA8C2D81C94B
                                                                                                                              SHA-512:0B00E340D9785AA61319B82FD06CF2408669BE1FA40B532085A87FDEB16945CE7025846F9634A4C1006FE393B65587A567910A8912A101E247062E6CBF4EB07B
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:..<.h.t.m.l.>.....<.B.R.>.<.B.R.>.....<.T.A.B.L.E. .w.i.d.t.h.=.4.0.0.>.<.H.R.>.....<.P. .s.t.y.l.e.=.".F.O.N.T.:. .9.p.t./.1.1.p.t. .v.e.r.d.a.n.a.".>.<.a. .h.r.e.f.=.".h.t.t.p.s.:././.w.w.w...a.v.a.s.t...c.o.m./.a.n.t.i.v.i.r.u.s.".>.A.v.a.s.t. .A.n.t.i.v.i.r.u.s.<./.a.>.:. .%.T.Y.P.E.%. .m.e.s.s.a.g.e. .I.N.F.E.C.T.E.D.:.<.b.r.>.%.A.T.T.A.C.H.%.<./.P.>.....<.P. .s.t.y.l.e.=.".F.O.N.T.:. .8.p.t./.1.1.p.t. .v.e.r.d.a.n.a.".>.V.i.r.u.s. .D.a.t.a.b.a.s.e. .(.V.P.S.).:. .%.V.P.S.%.<.B.R.>.T.e.s.t.e.d. .o.n.:. .%.T.I.M.E.D.A.T.E.%.<.B.R.>.<.F.O.N.T. .c.o.l.o.r.=.g.r.a.y.>.A.v.a.s.t. .-. .c.o.p.y.r.i.g.h.t. .(.c.). .1.9.8.8.-.2.0.2.3. .A.V.A.S.T. .S.o.f.t.w.a.r.e...<./.F.O.N.T.>.<./.P.>.....<.T.B.O.D.Y.>.<./.T.B.O.D.Y.>.<./.T.A.B.L.E.>.....<.B.R.>.<./.h.t.m.l.>.....%.I.N.B.O.U.N.D.=.I.n.b.o.u.n.d.%.....%.O.U.T.B.O.U.N.D.=.O.u.t.b.o.u.n.d.%.....%.C.L.E.A.N.E.D.=.w.a.s. .s.u.c.c.e.s.s.f.u.l.l.y. .c.l.e.a.n.e.d...%.....%.D.E.L.E.T.E.D.=.w.a.s. .d.e.l.e.t.e.d. .f.r.o.m. .t.h.e. .m.e.s.s.a.g.e.

                                                                                                                              C:\Program Files\Avast Software\Avast\2057\aswInfTg.txt.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):908
                                                                                                                              Entropy (8bit):3.6786902995136908
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:F0079B17F4688402742E0CFC5B582297
                                                                                                                              SHA1:995286A74F21C163DBBA8540CC14AC5E103E7EFF
                                                                                                                              SHA-256:0A0B6B16B0C4D07B972F3C61F5CA3B4F42A1E1280F5FC3C2F29896E3DB80ADC1
                                                                                                                              SHA-512:2C6011702D72F2A6A83F97D8A63A43F3786779B3149ECC4DA86E834F910EA0FAD5EE3EB9C501F8BC562451502B02A18F7EEB2354406B21E88EF99351DA998F77
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:..........-.-. .....A.v.a.s.t. .A.n.t.i.v.i.r.u.s.:. .%.T.Y.P.E.%. .m.e.s.s.a.g.e. .I.N.F.E.C.T.E.D.:.....%.A.T.T.A.C.H.%.........V.i.r.u.s. .D.a.t.a.b.a.s.e. .(.V.P.S.).:. .%.V.P.S.%.....T.e.s.t.e.d. .o.n.:. .%.T.I.M.E.D.A.T.E.%.....A.v.a.s.t. .-. .c.o.p.y.r.i.g.h.t. .(.c.). .1.9.8.8.-.2.0.2.3. .A.V.A.S.T. .S.o.f.t.w.a.r.e.......h.t.t.p.s.:././.w.w.w...a.v.a.s.t...c.o.m./.a.n.t.i.v.i.r.u.s.....%.I.N.B.O.U.N.D.=.I.n.b.o.u.n.d.%.....%.O.U.T.B.O.U.N.D.=.O.u.t.b.o.u.n.d.%.....%.C.L.E.A.N.E.D.=.w.a.s. .s.u.c.c.e.s.s.f.u.l.l.y. .c.l.e.a.n.e.d...%.....%.D.E.L.E.T.E.D.=.w.a.s. .d.e.l.e.t.e.d. .f.r.o.m. .t.h.e. .m.e.s.s.a.g.e...%.....%.L.E.F.T.=.w.a.s. .(.B.E.W.A.R.E.!.!.!.). .l.e.f.t. .i.n.t.a.c.t. .i.n. .t.h.e. .m.e.s.s.a.g.e...%.....%.M.O.V.E.D.=.w.a.s. .m.o.v.e.d. .o.u.t. .o.f. .t.h.e. .m.e.s.s.a.g.e...%.....%.M.O.V.E.D.T.O.C.H.E.S.T.=.w.a.s. .m.o.v.e.d. .t.o. .t.h.e. .v.i.r.u.s. .c.h.e.s.t...%.....

                                                                                                                              C:\Program Files\Avast Software\Avast\BrowserCleanup.ini.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):42
                                                                                                                              Entropy (8bit):4.624111172624227
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:4957ED73D5E5E303E351C8F8B7B53E1C
                                                                                                                              SHA1:E61238F49E44237C56D4D5B41AEB150160880B74
                                                                                                                              SHA-256:59727F7A256B7A70971F2E62B43B0A923937F85689FC3AA4AE50E4FBFBF83499
                                                                                                                              SHA-512:DB4854667285BB1CD8D07AB189607EC5BC489AFB2D0A5B5A3388F91CEFD012FECA689787452901E0EB1DE6E8792E69C0097C38B89BBA0D977D0B29E5E5EF2FEB
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:[App]..ServerURL=http://bcu.ff.avast.com..

                                                                                                                              C:\Program Files\Avast Software\Avast\Inf\x64\aswSnx.sys.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:PE32+ executable (native) x86-64, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):950328
                                                                                                                              Entropy (8bit):6.133774868527017
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:3C27098AEAE8CC6EAD906F2665A7B38C
                                                                                                                              SHA1:30ED57CE4354C83BFAEC4137C20A3D12FFAF72A4
                                                                                                                              SHA-256:A2504E20DC1DEE28BB95212C571C81587BFE8501F5167D2EBA001B2672D1406D
                                                                                                                              SHA-512:A1A16F02CF56D98668AC6AACC2E7F560A659609C8D96DDF8996837828AAC17DAC751EA5B53417FBB43AB58AEEC575A26E676A161DB4A708F17B8668B6ED6FFD4
                                                                                                                              Malicious:false
                                                                                                                              Antivirus:
                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$............s...s...s../....s../....s../....s../....s../....s...s..Yr..4....s..4....s..4.)..s..4....s..Rich.s..........................PE..d......f.........."......t...........`.........@.............................................................................................`..x............0...>...Z..8&......D ..pg..p............................g..8............p...............................text....Q.......R.................. ..h.rdata...R...p...T...V..............@..H.data....S.......(..................@....pdata...>...0...@..................@..HPAGE.........p...................... ..`INIT....D1...`...2.................. ..b.rsrc................4..............@..B.reloc..D ......."...8..............@..B................................................................................................................................................................

                                                                                                                              C:\Program Files\Avast Software\Avast\RescueDisk\aswPEAntivirus.exe.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):11428648
                                                                                                                              Entropy (8bit):6.441552475693821
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:6F4FF0A950D9549BC3AD89F5F8AF2F21
                                                                                                                              SHA1:85D23934DDA2E80C07B92B5948BCE3A50D903205
                                                                                                                              SHA-256:E38E1F1203EE978868F5EEAC8893D46C9690C8C38F2DBEBBEAB4C7DE96D00078
                                                                                                                              SHA-512:0B3254070262DD5C75F53F22FE3E92BF6B5A61C8170CB05CBD483F55B694A4E7F83994473D1239BB481E033D82C8FA271816ABFA07433C271256ABABBFE19CA6
                                                                                                                              Malicious:false
                                                                                                                              Antivirus:
                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...................................h...........!..L.!This program cannot be run in DOS mode....$.......o?=.+^S.+^S.+^S.-..$^S.-.W.!^S.-.P./^S.-.R.#^S."&..1^S..+W.^S.}+V.(^S..+V.*^S..,U.*^S.}+R./^S.-.V..^S..,P.)^S..,W.,^S..+R.-^S.A.R.3^S.}+W.t^S..,R..^S.+^R..US.A.Z.v\S.A.S.*^S.A..*^S.+^..)^S.A.Q.*^S.Rich+^S.........................PE..d...z..f.........."....&..r...<.......V........@..........................................`................................................<......................H8...*...p..,.............................(..../x.@.............r..N..x.......................text...^.r.......r................. ..`.rdata....#...r...#...r.............@..@.data...8...........................@....pdata..............................@..@.didat..0....p.......,..............@....rsrc................0..............@..@.reloc..,....p... ..................@..B................................................................................................

                                                                                                                              C:\Program Files\Avast Software\Avast\RescueDisk\aswPEBrowser.exe.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):3345704
                                                                                                                              Entropy (8bit):6.457715639940071
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:1FAF8BAADB8384A62C7BBCBF1EFA6660
                                                                                                                              SHA1:762D5EB3BD81014E77D0EF42AE88D3296B5493EC
                                                                                                                              SHA-256:959E440B1238D6D9AB61068C51EEDF4B8801E6B17DEA52803ED1F41DE0799812
                                                                                                                              SHA-512:F85E0F3FF076A5097E8DEBAE68C4B7EB687E30FD61F8BE07E0F0615A09BB60C5A52852CD4FA19FDB298BA1AA0EB1172F38D09A7BECE7DBFD748C8BCA199FAD36
                                                                                                                              Malicious:false
                                                                                                                              Antivirus:
                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...................................@...........!..L.!This program cannot be run in DOS mode....$.......Y.[...5...5...5..9....5..91...5..96...5..94...5..90.*.5.......5...1...5.E.0..5.K.4...5.w94...5...5...5.K.0...5...4...5...4...5.w9<...5.w95...5.w9....5.......5.w97...5.Rich..5.................PE..d......f.........."....&............0(.........@.............................@3......f3...`.........................................`.).....H.).......1......@0.`...H.2..*....2. j..x.$.......................$.(..... .@............ .. #....).`....................text...\........................... ..`.rdata....... ......................@..@.data....M....).......).............@....pdata..`....@0......./.............@..@.didat..X.....1.......1.............@....rsrc.........1.......1.............@..@.reloc.. j....2..l...v2.............@..B........................................................................................................................................

                                                                                                                              C:\Program Files\Avast Software\Avast\RescueDisk\aswPECommander.exe.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):3136808
                                                                                                                              Entropy (8bit):6.458196496805583
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:CF41552911B7A0F3571F8CA5CA6F9B11
                                                                                                                              SHA1:2F1A89F9B807102FC8B4F34B55531BE8AE3D47D4
                                                                                                                              SHA-256:55DE7D2BB1CA4684031DD300CA7CADEB865BFD71BC1D8294055FBF9854D10AC2
                                                                                                                              SHA-512:6E1C1670ADDE023477F235B723EEFDA994F31CE90B43688C79E36D49B8077236F192EFF8E5239C7DA2898A25E350C76B8775E0EA46EE1982EE01DDC3D21C1EF4
                                                                                                                              Malicious:false
                                                                                                                              Antivirus:
                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...................................0...........!..L.!This program cannot be run in DOS mode....$.......d... x.V x.V x.V&.'V#x.V&..W*x.V&..W&x.V&..W(x.V&..W.x.Vv..W$x.VJ..W"x.V).IV2x.V...W!x.V x.V&x.Vv..W#x.V...W9x.V x.V5..VJ..W.x.VJ..W!x.VJ.%V!x.V xMV"x.VJ..W!x.VRich x.V........PE..d......f.........."....&.............p.........@.............................@0.......0...`.........................................0.%.......%..............@-..P..H./..*..../..g.... ....................... .(....U..@................0....%.@....................text............................... ..`.rdata..>...........................@..@.data....P....&.. ....&.............@....pdata...P...@-..R....,.............@..@.didat..............................@....rsrc................0..............@..@.reloc...g..../..h...J/.............@..B........................................................................................................................................................

                                                                                                                              C:\Program Files\Avast Software\Avast\RescueDisk\aswPEShell.exe.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):3235112
                                                                                                                              Entropy (8bit):6.470600408567223
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:AF285710E7E49EF7239A550F1CFA466C
                                                                                                                              SHA1:C5823BBDB0622DAA413C3F7AE0A548C0E76119FD
                                                                                                                              SHA-256:3B73DA6BAD4B96621476EBB2CA5252FB3C1820D7AE4952B0FA819BC25460DED3
                                                                                                                              SHA-512:012807430E944D90BD83BEE1D42DE127E55EBB946E4E73C66652320EFE8459981AF182EFEE8CF01F9067F39C12CC8ADF611ADF676BEF1F1D9157B3449FB7603A
                                                                                                                              Malicious:false
                                                                                                                              Antivirus:
                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...................................0...........!..L.!This program cannot be run in DOS mode....$.........;...UC..UC..UC.3.C..UC.3QB..UC.3VB..UC.3TB..UC.3PB.UC...C.UC<.QB..UC.3TB..UC..TB..UC..PB..UC-.TB.UC..TC&.UC.3\B(.UC.3UB..UC.3.C..UC...C..UC.3WB..UCRich..UC................PE..d......f.........."....&.....@...... p.........@..............................1.......1...`.........................................`.%.....H.%......`..(.....,..Q..H21..*...01..a..h. ....................... .(....d..@............ ...(..`.%.`....................text...L........................... ..`.rdata....... ......................@..@.data...p:....&.......&.............@....pdata...Q....,..R....,.............@..@.didat..0....P......................@....rsrc...(....`......................@..@.reloc...a...01..b....0.............@..B........................................................................................................................................................

                                                                                                                              C:\Program Files\Avast Software\Avast\RescueDisk\aswRegLib.dll.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):371496
                                                                                                                              Entropy (8bit):6.684211339009156
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:A3361002464B5AC43EE6B377FD817C1D
                                                                                                                              SHA1:0167864F139F42B0D52F964C4995F7A16D132766
                                                                                                                              SHA-256:E1F06038B35C414F93A9EEF021859F916AADF3A48C7BBE0CFAB42C1A13EABA3B
                                                                                                                              SHA-512:D802C67070DEDFC005F107F76CA36E6FC32D6B6CB33BEBF4CF1D6256C62724DD686B58A2BACF5088AE6223B314E5BA9BD6A3C58C0EB3A6797D7D55B5194EF696
                                                                                                                              Malicious:false
                                                                                                                              Antivirus:
                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......S.....s...s...s..W....s..Wp...s..Ww...s..Wv.4.s..Wr...s......s.}Wr...s..r...s...r.|.s.}Wz.0.s.}Ws...s.}W....s......s.}Wq...s.Rich..s.................PE..d......f.........." ...&.v...........L...................................................`A........................................`9..T....B..@...............p ..H....*.......... ...........................(.......@............................................text....u.......v.................. ..`.rdata..N............z..............@..@.data........`.......F..............@....pdata..p ......."...P..............@..@.aswRegi.............r..............@....rsrc................t..............@..@.reloc...............|..............@..B................................................................................................................................................................................

                                                                                                                              C:\Program Files\Avast Software\Avast\RescueDisk\aswShMin.exe.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):464680
                                                                                                                              Entropy (8bit):6.598898754123888
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:24254AAE33CE1F0E8B593DCC256D11CA
                                                                                                                              SHA1:4996E60FB3064193501ABB1EE6D106019368FEF3
                                                                                                                              SHA-256:78B065A25C2309FF0B86666B0F8458B36F8036676915D190D2707981C6DE57D8
                                                                                                                              SHA-512:063DB2724E51A3D40EFD51C0A6FD93F060A457A1BE2B0A4FB90D9CCE514E2AA7B2163649DDABA1BA8DB877DBF9C23F0D5D1FCF43EBF657984078DB271AC1EAC7
                                                                                                                              Malicious:false
                                                                                                                              Antivirus:
                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......z..->..~>..~>..~...;..~......~.../..~>..~?..~85.....~85..,..~85..o..~...8..~7.;~=..~>..~...~T5..(..~T5..?..~T5W~?..~>.?~<..~T5..?..~Rich>..~................PE..d...l..f.........."....&.D...........X.........@.............................P............`.....................................................d....0..........\+..H....*...@......0<.......................>..(....:..@............`..H............................text...<C.......D.................. ..`.rdata...B...`...D...H..............@..@.data....2..........................@....pdata..\+.......,..................@..@_RDATA....... ......................@..@.rsrc........0......................@..@.reloc.......@......................@..B........................................................................................................................................................................

                                                                                                                              C:\Program Files\Avast Software\Avast\RescueDisk\background-loading.png.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:PNG image data, 1024 x 768, 8-bit/color RGBA, non-interlaced
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):648336
                                                                                                                              Entropy (8bit):7.9789071043903945
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:1FB0FDDF13D90F785DE23A4EF7E2989D
                                                                                                                              SHA1:61580F779BFE15A27A7702E5910F8E0C4E063C5D
                                                                                                                              SHA-256:C40F472B580205331A0E68542997A0334C33CCF60D96BA644CCC2489F75AFE0E
                                                                                                                              SHA-512:A17F4EF91B671996E14E2FA32CBE42EAC44661BAB96B5903745A0E76A1E5EAEA543C07FC3A66BB7C9689FFE0ED0ABDABA6DD2F40B3C4E7E68D705E5C30535833
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:.PNG........IHDR.....................pHYs.................sRGB.........gAMA......a....%IDATx.....nYQ .........L2%.......&..."R..V.UV....z.Z..Z.X....W.U.%......T...*l.D.,I ..H..I......;...N.8..9..D.}..fwG...s...{...{8..nk...i ..5.......-..e.......g.?.,Qx.......i48..YZ.^..>.^.a.Z..8h......6.d.B.}X.;Q...d.f.xL&...1{e.h..y3>.lL...2g...5.......N.:......g.$....C.>/_$.&.4Yh@.....y.\.k.+*o.>+.xq.MJ...'.qH.........k.i...-..52..N}"V..8h.B..1.X...u...~O..A&_`.....T.....*.....,.........E...l.U#.w..<H...lO.&.D.....g77.r&]fke..h.P.V..4|.[.$....0..crF../.P.=._....A.=L..<....TY"(..%..&......"........N...D2.Y7a.B*.U.%..'/*..:..6K....A.........OI.X`M.<..~......7..F>..4..$2.....@.....T..1&j.S.O..&O......YWOY..g.....[T..k.a..%}..%......=............ZqGk.........)....^k#.?.......XiKa.O%............f....{...x.<{s.T.X......m...<..U.=.%.........E..,+C."e.....izo..S_.i'..5.-.Au^...<<.'.....$t^N..G.......*8..^]z.......|...r....x......)..rp.f*o.F..._..Z

                                                                                                                              C:\Program Files\Avast Software\Avast\RescueDisk\waikamd64.mst.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.1, Code page: 1252, Title: Installation Database, Subject: Windows Automated Installation Kit, Author: Microsoft Corporation, Keywords: Installer, Comments: Windows Automated Installation Kit, Create Time/Date: Mon Jul 13 17:30:20 2009, Name of Creating Application: Windows Installer XML v2.0.3620.0 (candle/light), Security: 2, Template: AMD64;1033, Last Saved By: AMD64;1033, Revision Number: {31E8F586-4EF7-4500-844D-BA8756474FF1}2.0.0.0;{31E8F586-4EF7-4500-844D-BA8756474FF1}2.0.0.0;{0EAF84C7-F60C-4C9A-8299-19F213BE10CB}, Number of Pages: 200, Number of Characters: 0
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):3584
                                                                                                                              Entropy (8bit):2.499314150224037
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:EC82D1081D31554E75D7E72B30D31D78
                                                                                                                              SHA1:FF5615640CDA8CEC9FB0AD3FB8A4E441BCC8E398
                                                                                                                              SHA-256:0823905CE46355FE514ED547D5C639AF39B2B3D28A5BCABD1846997C7A4208B7
                                                                                                                              SHA-512:2F36323DB92F1C1D4E3B8F18F8258830A6200BC7061EAAEADCD0A655E30276592376FA4C4F706F497D5FCD00A1E5C5649E20407D3860910A184CCBE4B36547B9
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:......................>...............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                              C:\Program Files\Avast Software\Avast\RescueDisk\wxbase315u_vc.dll.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):3109680
                                                                                                                              Entropy (8bit):6.619233210847395
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:BBD60A023299B63864FBFAAF9699CF34
                                                                                                                              SHA1:514838176E634BF2249F730895CB7919C16C5463
                                                                                                                              SHA-256:3B7E420A3207016D2D80AECAD0664B4D9BD518B6BAC72E4784FA0E85BB0C7A39
                                                                                                                              SHA-512:E5B2740D314CE766D3A5E2C818BADD876967A050BE0A6EBD5909582BE111A178745881E23AAF944EF3A3C8094719CF480B6D808F4BDD2F360F131F723B5CB02E
                                                                                                                              Malicious:false
                                                                                                                              Antivirus:
                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...................................(...........!..L.!This program cannot be run in DOS mode....$...........d..d..d...\..d.....d.....d.....d.....d.....d.....d.....d..d.1e.....d.....d.....d...0..d..dX..d.....d.Rich.d.........................PE..d....._c.........." .....V..................................................../......./...`.........................................`$&.......,......p/..........d...J/.0)..../.\#..0.!.T.....................!.(.....!.8............p...............................text....T.......V.................. ..`.rdata.......p.......Z..............@..@.data...P....0-.......-.............@....pdata...d.......f....-.............@..@.rsrc........p/......./.............@..@.reloc..\#..../..$...&/.............@..B........................................................................................................................................................................................................

                                                                                                                              C:\Program Files\Avast Software\Avast\RescueDisk\wxmsw315u_core_vc.dll.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):9693488
                                                                                                                              Entropy (8bit):6.426808455857167
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:82DC347DEB8B9C8E196A19223566A212
                                                                                                                              SHA1:FCE43A71DFEDEAB1A79F01E1ABB9537185AFECF7
                                                                                                                              SHA-256:FA14C8B264FA60FED54DAA93403C007F8DD4E272BC47684B069CA125F9916B0E
                                                                                                                              SHA-512:6BD1EB8ABF1E2067ACBCED14A9587D74FD001DCEB2120C261C74366F88A67DC03D5F629A026EC971EA727D0636E12B864ED41819270F30AF7641E7D1889745EA
                                                                                                                              Malicious:false
                                                                                                                              Antivirus:
                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...................................0...........!..L.!This program cannot be run in DOS mode....$.........Sh].=;].=;].=;T.;I.=;;..;\.=;..9:U.=;..>:Y.=;..8:G.=;..<:[.=;..9:>.=;..<:_.=;I.::\.=;I.9:V.=;I.;:\.=;I.<:B.=;].<;..=;..8:..=;..=:\.=;...;\.=;]..;\.=;..?:\.=;Rich].=;........PE..d....._c.........." .....vJ...L......LC.............................................'.....`.........................................0zw.......X....... ...............0)......$.....i.T.....................i.(.....i.8.............J..3...........................text....uJ......vJ................. ..`.rdata....@...J...@..zJ.............@..@.data....?..........................@....pdata...............D..............@..@minATL.......p.....................@..@.rsrc... ..........................@..@.reloc..$..........................@..B........................................................................................................................................................

                                                                                                                              C:\Program Files\Avast Software\Avast\afwCoreClient.dll.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):805160
                                                                                                                              Entropy (8bit):6.6018691936935205
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:08DA1BFCC76CCF99E0F106B3116C0666
                                                                                                                              SHA1:AECB6B370B5384923FF8C0A495E84B6299A3F79B
                                                                                                                              SHA-256:E6EFBF43D8A38377DA780DA0B93AD25DEEABB0120F90E09AC903E22C85769AA6
                                                                                                                              SHA-512:FCA28938C702F397A77EBFC41D0BFF3EEAF95CE6E200011E2EFD7924C9FAFD495AD2D2541E876E1240ED684ACA53C9AFE70DBC21BBEF88E9A72CA633ED70B1DC
                                                                                                                              Malicious:false
                                                                                                                              Antivirus:
                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...................................(...........!..L.!This program cannot be run in DOS mode....$.......=..Uy...y...y...p...k.....v.z.......q.......}...............{.......{......._.../..{.......q...y...........j.......0.......x.....t.x...y...{.......x...Richy...........PE..d......f.........." ...&.....,...............................................p.......m....`A............................................h(..h........P...........b..H....*...`..................................(.......@...........................................text............................... ..`.rdata..............................@..@.data....... ......................@....pdata...b.......d..................@..@.didat.......@......................@....rsrc........P......................@..@.reloc.......`......................@..B................................................................................................................................................................

                                                                                                                              C:\Program Files\Avast Software\Avast\afwRpc.dll.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):392488
                                                                                                                              Entropy (8bit):6.6940370801214515
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:A434F4571CAE3737095534A1D676281D
                                                                                                                              SHA1:6C6BBA947A4ADE26578B943819ADB8A95E0760D9
                                                                                                                              SHA-256:8F338B15A95069E956ABCBBE800D66CC5A1B106996F26347BB40BFA5CBBD4A13
                                                                                                                              SHA-512:54F152638D7FD72AF9E133E0959B36AB095AC1898487FBD664B285067F42815EF4F28132914BAD43F2AC487B75D82779704833DE5B1217D13170FC2FA298936A
                                                                                                                              Malicious:false
                                                                                                                              Antivirus:
                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...................................0...........!..L.!This program cannot be run in DOS mode....$....... ...d..Kd..Kd..Kb..Ke..Kb..Jl..Kb..J`..Kb..Jb..K...Jf..K...Jf..Km.vKt..K...Jf..Kb..J{..K...Jk..Kd..K{..K...JN..K...Je..K...Ke..Kd.rKf..K...Je..KRichd..K........................PE..d......f.........." ...&.....(.......t....................................... ............`A........................................@q.......s..@.......p........%..H....*..........X...........................(.......@....................o..@....................text............................... ..`.rdata..T...........................@..@.data....$..........................@....pdata...%.......&..................@..@.didat..............................@....rsrc...p...........................@..@.reloc..............................@..B........................................................................................................................................................

                                                                                                                              C:\Program Files\Avast Software\Avast\afwServ.exe.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):2315048
                                                                                                                              Entropy (8bit):6.452115540157882
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:0C571DB5DFD745812D6B04B1F2186530
                                                                                                                              SHA1:AF56BD0141580C017B2677B1D16B5BA5D35905B9
                                                                                                                              SHA-256:C40BD9C157631F7AE71860DBD911B1B79DA2EF7DCF5271726309426CDDD13746
                                                                                                                              SHA-512:C2CA8EB656C19187942D2C4394A7B40C7C0037FE97D170D55744D8A190D2CCC2CD8FC683A329A9F4229B84203AED9FB648EA71A1BAC9D77BA2B886B828537328
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...................................H...........!..L.!This program cannot be run in DOS mode....$........A... .V. .V. .V..6V. .V...W. .V...W. .V...W. .VnR.W. .VnR.W. .V.XXV. .VwU.W. .V.U.W. .V...W. .VwU.W. .VnR.W. .V..W. .V. .V.#.V..W. .V..W. .V.4V. .V. \V. .V..W. .VRich. .V........................PE..d......f.........."....&............0..........@..............................#.......#...`...........................................................!....... .<...H(#..*...`#.................................(...`...@...................`........................text...|........................... ..`.rdata..............................@..@.data....K.......&...d..............@....pdata..<..... ....... .............@..@.didat........!......v!.............@....rsrc.........!......x!.............@..@.reloc.......`#.. ....#.............@..B................................................................................................................................

                                                                                                                              C:\Program Files\Avast Software\Avast\aswidpm.dll.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):854312
                                                                                                                              Entropy (8bit):6.547260255846451
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:19AA232977D415A42127FE79C3BF0034
                                                                                                                              SHA1:7C2F21233F47C1EF387578B8B07F976793567C1D
                                                                                                                              SHA-256:2B5CAC25EC0747A749DECB71A648F321F14C9C638E16A9BACD795A25F02C50F9
                                                                                                                              SHA-512:9E04487071690CFBE4F52A8918D6D40A6E70D81686149ECF8268CB09495898A279C09AB31A1D091C7AE0B5319D203DDBAC9E57172655CD375F512C7C765209DC
                                                                                                                              Malicious:false
                                                                                                                              Antivirus:
                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......K5.h.T.;.T.;.T.;.,1;.T.;.._;.T.;..:.T.;..:.T.;..:%T.;..:.T.;.T.;.T.;.&.:.T.;.T.;.V.;e.:.U.;e.:.T.;e.];.T.;.T5;.T.;e.:.T.;Rich.T.;................PE..d......f.........." ...&.,..........@........................................p......J.....`A.........................................................P..x........b..H....*...`..|...............................(.......@............@..8............................text...L*.......,.................. ..`.rdata.......@.......0..............@..@.data........P...,...:..............@....pdata...b.......d...f..............@..@.rsrc...x....P......................@..@.reloc..|....`......................@..B........................................................................................................................................................................................................................

                                                                                                                              C:\Program Files\Avast Software\Avast\libwaapi.dll.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):1059120
                                                                                                                              Entropy (8bit):6.252418616432082
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:55E8ABC2E2A985BFCF63B31FCB616798
                                                                                                                              SHA1:1515621393B52AE31C697422C3410D9738D58AD6
                                                                                                                              SHA-256:0E5C4AFB2FD25F3B0843C1F982D5F1314040EC5446D3587888743E6E5825EF31
                                                                                                                              SHA-512:A0E8EA08B458A791455846B8A38F4576E9D88040DC4240EAF76253D100212F24C3FAD76963EA26EDFC3DC634AC83CB0151254E64BDAEDEB943DBD12D8CBD6E1F
                                                                                                                              Malicious:false
                                                                                                                              Antivirus:
                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........1...P...P...P...;...P...;...P...;..hP..e....P..e...P..e....P...;...P.......P...P..}Q.......P.......P.......P...Pr..P.......P..Rich.P..........PE..d...t.Ef.........." .....b..........`x.......................................p......<.....`A........................................................@...........~......0)...P..|.......p.......................(.......................@............................text....`.......b.................. ..`.rdata..h............f..............@..@.data....r... ...T..................@....pdata...~...........Z..............@..@.tls......... ......................@....gehcont.....0......................@..@.rsrc........@......................@..@.reloc..|....P......................@..B................................................................................................................................................

                                                                                                                              C:\Program Files\Avast Software\Avast\libwaheap.dll.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):103216
                                                                                                                              Entropy (8bit):6.18579100317216
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:17B24CD98AB8714ABFB1847AAB4BCC38
                                                                                                                              SHA1:E3C8A2EA624E9E4739E951F27E8FE0748511C420
                                                                                                                              SHA-256:532FD260954D47EB1364EA4E79F313B56F4B440A17F32519DCEDEB7C91276705
                                                                                                                              SHA-512:29AE5C1D51699E1FD11E0C8D14F5D8B0E56DC973B6B39834C1892014D6A512872E8D9331D9553F3C2FF31DAC51DC3B7DF7D4DF0BEE3CB76DB84D2BBE9AF1A29F
                                                                                                                              Malicious:false
                                                                                                                              Antivirus:
                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$...........Z...Z...Z...N...^...N...Q...N.........]......N......J...N...Y...Z..........[......[.....{.[...Z...[......[...RichZ...........PE..d.....Ef.........." ................@................................................?....`A.........................................Q..L....R..(....................j..0)...........C..p............................C..................8............................text............................... ..`.rdata..............................@..@.data........`.......@..............@....pdata...............J..............@..@.gehcont.............X..............@..@.rsrc................Z..............@..@.reloc...............b..............@..B................................................................................................................................................................................................

                                                                                                                              C:\Program Files\Avast Software\Avast\libwalocal.dll.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):1880880
                                                                                                                              Entropy (8bit):6.414038053748992
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:62D829F91EC96677FBBC4362CF6FB98D
                                                                                                                              SHA1:F641FC9376557D0BD15FD5706D367D4BF76F9CCA
                                                                                                                              SHA-256:9F2BFBD4A93BEDE82D4B5E465660DEEFFE3291F3E0DF7A37C36282317BE588D1
                                                                                                                              SHA-512:0ACC08EBA170495D9B815FDC1137347D60294D0F5EBF8515C5710CC49D9CC20F266710BD1F005FD867880D94A68EA9DCB8D04161652078EBB7BD6283749E789A
                                                                                                                              Malicious:false
                                                                                                                              Antivirus:
                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...................................0...........!..L.!This program cannot be run in DOS mode....$........z.cJ..0J..0J..0^p.1\..0^p.1G..0^p.1...0..0K..0.E.1@..0.E.1 ..0.E.1m..0.E.1D..0^p.1B..0.E.1M..0J..0...0.E.1S..0.E.1K..0.E<0K..0J.T0K..0.E.1K..0RichJ..0........................PE..d.....Ef.........." ................0...............................................;.....`A........................................P...........................`.......0).......&......p...........................P................ ...............................text............................... ..`.rdata....... ......................@..@.data........0...p..................@....pdata..`...........................@..@.gehcont.............X..............@..@.rsrc................Z..............@..@.reloc...&.......(...b..............@..B........................................................................................................................................................

                                                                                                                              C:\Program Files\Avast Software\Avast\libwaresource.dll.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):4654384
                                                                                                                              Entropy (8bit):7.999924810345175
                                                                                                                              Encrypted:true
                                                                                                                              SSDEEP:
                                                                                                                              MD5:A7BCD6CAF81EC3885556A8CF8C4ADD00
                                                                                                                              SHA1:B0137BCD506C563E26F41EEAC42300332DB7C3D2
                                                                                                                              SHA-256:73CB1A52CDA3CA650D5E6823E5454F76FFAB2CE7B69EEEB261DF6276006F3D2D
                                                                                                                              SHA-512:7E022FB8D15B99E8D5816EA491ABE5E12C247C0CA338C87350E9DC499BFBFD8D32BBC76132D176B2B86E215D60A4FF331B8B66CE73275772B5155AD66C2A9C69
                                                                                                                              Malicious:false
                                                                                                                              Antivirus:
                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......................J...............J.......Rich............PE..L.....Ef...........!..........F...............................................G......dG...@.......................................... ..0.F...........F.0)..............p............................................................................rdata..............................@..@.rsrc...0.F.. ....F.................@..@......Ef........*...p...p.........Ef..........................Ef........T.................Ef....................RSDS*....?.H...Q......libwaresource.pdb.......................GCTL....p....rdata..p........rdata$zzzdbg.... .......rsrc$01.....#....F..rsrc$02........................................................................................................................................................................................................................................

                                                                                                                              C:\Program Files\Avast Software\Avast\libwautils.dll.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):3529008
                                                                                                                              Entropy (8bit):6.256841259433764
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:13C520ABB15829477F295CC8C11B5889
                                                                                                                              SHA1:E23F9AA51E65FE6D9B30362774A5B9BA36FFC10A
                                                                                                                              SHA-256:F2AAD2AC13E4FDC8BC1031F85928D5E00F4EA62C81CA57AEFE3833A86E85A559
                                                                                                                              SHA-512:76E202B72F9B64E45B39B7E22B69C60EA55BFAC51ED45380676064F6314039CD1E761EAFE367E2B7246B1EBF933A0066843F5F6666E3CF0D27E63F60C19031F0
                                                                                                                              Malicious:false
                                                                                                                              Antivirus:
                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...................................@...........!..L.!This program cannot be run in DOS mode....$..........'...t...t...t...u...t...u)..tt|$t...tG..u...tG..u...t...u...t...u...tG..u...t]..u...t...u...t...t...t-..u...t]..u...t]..u...t]..u...t]..t...t..tt...t]..u...tRich...t........................PE..d...=.Ef.........." ......!.........0........................................P:......D6...`A........................................ .1.....8g3.......:.......8..@....5.0)... :..'....).p.....................).(...PU$...............!. ...8.1.@....................text.....!.......!................. ..`.rdata..|.....!.......!.............@..@.data...(.....3.......3.............@....pdata...@....8..B...84.............@..@.didat..0.....9......z5.............@....tls....a.....9......|5.............@....gehcont$.....:......~5.............@..@.rsrc.........:.......5.............@..@.reloc...'... :..(....5.............@..B........................................................

                                                                                                                              C:\Program Files\Avast Software\Avast\libwavmodapi.dll.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):4781360
                                                                                                                              Entropy (8bit):6.2772875088399855
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:63068466CA1174CAF81E4001FD0C59BD
                                                                                                                              SHA1:47631E02756A1F21155ED5843F387AEB690D0A1B
                                                                                                                              SHA-256:3C3D8D965BD77DEE71575465D21A66777F475E9DC096DC74ECA7F8C8563A59FB
                                                                                                                              SHA-512:11821EBE6C17F24C39FB0301C5563279866C422F19620395CCE909AC6729320D9461AF3B4C5B44D1B4F39763464C56F375CA99FEFEA7311DC736C1B6B627BA1D
                                                                                                                              Malicious:false
                                                                                                                              Antivirus:
                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...................................8...........!..L.!This program cannot be run in DOS mode....$.......2N..v/..v/..v/..bD..a/..bD..x/..bD.../...L.u/...q.../...q..^/..bD..w/...q.../...q..r/...Z..A/...Z..~/...Z.. /..bD..k/..v/.......q.../...q..w/...qt.w/..v/..w/...q..w/..Richv/..........PE..d.....Ef.........." ......4...........*......................................pI.....NqI...`A........................................0.E.......F.@....0I......@G.`.....H.0)...@I..'....;.T.....................;.(...@.;...............5..............................text...r.4.......4................. ..`.rdata..``....5..b....4.............@..@.data........pF..|...RF.............@....pdata..`....@G.......F.............@..@.tls....a.....I.......H.............@....gehcont$.... I.......H.............@..@.rsrc........0I.......H.............@..@.reloc...'...@I..(....H.............@..B........................................................................................................

                                                                                                                              C:\Program Files\Avast Software\Avast\setup\asw90c391f1eedb9057.tmp (copy)

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:Generic INItialization configuration [BreachGuard]
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):0
                                                                                                                              Entropy (8bit):0.0
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:C011AA010CFD918407D0EBE2AD5FB23A
                                                                                                                              SHA1:255F3AA2CD0E591153F1F219C82A714AA8844F29
                                                                                                                              SHA-256:DACF8CAACCE7EFDDF4911077A43D5DC8B33AA5C042BAE011371FFAAB3B39691C
                                                                                                                              SHA-512:72E7FA88570C8481C0C68306AF3A7581C9DD3DAFB13302AA5F663FF0A0E2715468775EEDFDAF1B1B55C0B751FFF4C058696517DCDAFBFD0D90509220CB965A56
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:[RemoteAccessShield.Setting]..BruteForceMaxAttemptsPerDay=60..BruteForceMaxAttemptsPerHour=40..BruteForceMaxAttemptsPerMinute=30..BruteForceMaxAttemptsPerTenSeconds=12..[BreachGuard]..Enabled=0..[Settings.UserInterface]..ShellExtensionFileName=0..streaming=0..[WebmailSignature]..GmailEnabled=1..MaxRequestSize=16384..OutlookEnabled=1..YahooEnabled=1..[WebShield.NXRedirect]..Redirect=0..[Features.SwupOpswat]..Licensed=1..[Offers.GoogleChrome]..DefaultState=0..ShowInComplete=0..ShowInIntro=0..ShowInPaidBusiness=0..ShowInPaidConsumer=0..ShowInPost=1..UseTryOffer=0..[Offers.SecureBrowser]..ShowInIntro=1..[SecureBrowser]..UupdateInstall=0..[Symternals]..SubmitGeneration=2022-03-02..UnseenExesSubmit=2..[FileSystemShield.FileSystem]..EngineLdrModuleFlags=24..[PerfReporting]..AvastProcessesWprCaptureInterval=0..[Components]..ais_cmp_bpc=0..ais_cmp_fw=2..ais_cmp_sfzone=0..ais_shl_spm=3..[GrimeFighter]..info2_licensed_period=3600..info2_unlicensed_period=3600..LicensedClean=1..UseGF1License=1..[S

                                                                                                                              C:\Program Files\Avast Software\Avast\setup\config.def (copy)

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:Generic INItialization configuration [BreachGuard]
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):0
                                                                                                                              Entropy (8bit):0.0
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:C011AA010CFD918407D0EBE2AD5FB23A
                                                                                                                              SHA1:255F3AA2CD0E591153F1F219C82A714AA8844F29
                                                                                                                              SHA-256:DACF8CAACCE7EFDDF4911077A43D5DC8B33AA5C042BAE011371FFAAB3B39691C
                                                                                                                              SHA-512:72E7FA88570C8481C0C68306AF3A7581C9DD3DAFB13302AA5F663FF0A0E2715468775EEDFDAF1B1B55C0B751FFF4C058696517DCDAFBFD0D90509220CB965A56
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:[RemoteAccessShield.Setting]..BruteForceMaxAttemptsPerDay=60..BruteForceMaxAttemptsPerHour=40..BruteForceMaxAttemptsPerMinute=30..BruteForceMaxAttemptsPerTenSeconds=12..[BreachGuard]..Enabled=0..[Settings.UserInterface]..ShellExtensionFileName=0..streaming=0..[WebmailSignature]..GmailEnabled=1..MaxRequestSize=16384..OutlookEnabled=1..YahooEnabled=1..[WebShield.NXRedirect]..Redirect=0..[Features.SwupOpswat]..Licensed=1..[Offers.GoogleChrome]..DefaultState=0..ShowInComplete=0..ShowInIntro=0..ShowInPaidBusiness=0..ShowInPaidConsumer=0..ShowInPost=1..UseTryOffer=0..[Offers.SecureBrowser]..ShowInIntro=1..[SecureBrowser]..UupdateInstall=0..[Symternals]..SubmitGeneration=2022-03-02..UnseenExesSubmit=2..[FileSystemShield.FileSystem]..EngineLdrModuleFlags=24..[PerfReporting]..AvastProcessesWprCaptureInterval=0..[Components]..ais_cmp_bpc=0..ais_cmp_fw=2..ais_cmp_sfzone=0..ais_shl_spm=3..[GrimeFighter]..info2_licensed_period=3600..info2_unlicensed_period=3600..LicensedClean=1..UseGF1License=1..[S

                                                                                                                              C:\Program Files\Avast Software\Avast\setup\config.def.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:Generic INItialization configuration [BreachGuard]
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):36554
                                                                                                                              Entropy (8bit):5.857958407004161
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:42E3B751D9151B7A0F850DDA584A7687
                                                                                                                              SHA1:AAE50712F003F92BEE02A9067C8E5489C164A5AB
                                                                                                                              SHA-256:107821551AB12A36E63DB8B16B5D9D39B4F559A616C16AAEB0BDDD73A852CD3E
                                                                                                                              SHA-512:EEDB5E39875C558132BE78DAC11C0BE71183ADC68154047EC30A670DC564E653971840AA27987B9F37A48B6EF533B3D89C0EC824ECFE49E35198D5C64B335A39
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:[RemoteAccessShield.Setting]..BruteForceMaxAttemptsPerDay=60..BruteForceMaxAttemptsPerHour=40..BruteForceMaxAttemptsPerMinute=30..BruteForceMaxAttemptsPerTenSeconds=12..[BreachGuard]..Enabled=0..[WebShield.WebSocket]..Enabled=1..[Settings.UserInterface]..ShellExtensionFileName=0..[WebmailSignature]..GmailEnabled=1..MaxRequestSize=16384..OutlookEnabled=1..YahooEnabled=1..[WebShield.NXRedirect]..Redirect=0..[Features.SwupOpswat]..Licensed=1..[Offers.GoogleChrome]..DefaultState=0..ShowInComplete=0..ShowInIntro=0..ShowInPaidBusiness=0..ShowInPaidConsumer=0..ShowInPost=1..UseTryOffer=0..[Offers.SecureBrowser]..ShowInIntro=1..[SecureBrowser]..UupdateInstall=0..[Symternals]..SubmitGeneration=2022-03-02..UnseenExesSubmit=2..[FileSystemShield.FileSystem]..EngineLdrModuleFlags=24..[PerfReporting]..AvastProcessesWprCaptureInterval=0..[Components]..ais_cmp_fw=2..ais_shl_spm=3..[GrimeFighter]..info2_licensed_period=3600..info2_unlicensed_period=3600..LicensedClean=1..UseGF1License=1..[StreamFilter.

                                                                                                                              C:\Program Files\Avast Software\Avast\snxhk.dll.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):420648
                                                                                                                              Entropy (8bit):5.8363082931885275
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:1D6B7927D646890A8AE2163CCBF91530
                                                                                                                              SHA1:55A04DD29EC78A270100E941992B9467DBE7A012
                                                                                                                              SHA-256:16E771FFF5615DE0AFC15FB2287CDA71C5039E33D889985F165029E78D434E79
                                                                                                                              SHA-512:9E7F2E823DBC5B67D206FD0E45242916EEF155A4D6E3A6A3E794AFAF9E779926BA7605DF5BF05EE7EFA8CAD66B5737684A617DE77CD2B2575D863820EE80AED6
                                                                                                                              Malicious:false
                                                                                                                              Antivirus:
                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......X....O...O...O...=...O...=...O...O...O.......O.......O......6O...=...O...=...O...O...O..v....O..v....O..v....O...Oq..O..v....O..Rich.O..........................PE..d...E..f.........." ...&.....p......@................................................=....`.........................................p%..l....%..<.... ..(...........H@...*.......... ...........................(.......@............ ...............................text............................... ..`.rdata..<.... ......................@..@.data...TP...@......................@....pdata...........0...6..............@..@_RDATA...............f..............@..@.detourcp!......."...h..............@..@.detourd............................@....rsrc...(.... ......................@..@.reloc...............4..............@..B........................................................................................

                                                                                                                              C:\Program Files\Avast Software\Avast\su_adapter.dll.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):2701096
                                                                                                                              Entropy (8bit):6.499333128030422
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:E2F554F466680A7980C8975DD209C654
                                                                                                                              SHA1:2CAC416E07C9670AF74E9CCD0063312004B5BEC3
                                                                                                                              SHA-256:F4DA96A0502A4161DD19595C91EF654C54CEB82F066B48E1723E6F2174AA3438
                                                                                                                              SHA-512:1884F99DCCF9CE93F9E4B9074D840450CCCC720149CAD6B271FF1639F825456D537B281038B3A486EFA297DAE10DD5A6832193187F5A380B8479424334AB2220
                                                                                                                              Malicious:false
                                                                                                                              Antivirus:
                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...................................P...........!..L.!This program cannot be run in DOS mode....$.........V..........)*.....)......)......).....................D...............o....)......)............z........."...........)..@....)......)(.....@.....).....Rich...........................PE..d...p..f.........." ...&.`...................................................p).......)...`A..........................................%.`...P %......0).......'.hf..H.)..*...@).4"....!.......................!.(.......@............p........%......................text...._.......`.................. ..`.rdata..(....p.......d..............@..@.data....&....%......h%.............@....pdata..hf....'..h...v'.............@..@.didat....... ).......(.............@....rsrc........0).......(.............@..@.reloc..4"...@)..$....(.............@..B........................................................................................................................

                                                                                                                              C:\Program Files\Avast Software\Avast\su_common.dll.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):253224
                                                                                                                              Entropy (8bit):6.793007465423463
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:E14D7E3DC117A9D6C51067DCBE67761D
                                                                                                                              SHA1:908A6EF41E420F3100ED1538EC7E3138AB12BC72
                                                                                                                              SHA-256:6C5A83E43F2D3566D9D4727305F9D4AC9AB3FA151445FDC7D0E71BB9C11C7A59
                                                                                                                              SHA-512:AEDD762405BB3E4FB949D5161E62D815FE2694364BD79265E79DE81258696ED8AC5A4B91D4671ABF407C8B24B54663BF2E2FA8AA3283C96ECFBA6D0974C7E655
                                                                                                                              Malicious:false
                                                                                                                              Antivirus:
                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...................................0...........!..L.!This program cannot be run in DOS mode....$.....................+~.....+......+......+................................+............+.....+......+......+|...........+.....Rich...........................PE..d...8..f.........." ...&.&...........................................................R....`A...........................................T...D...........p.......@...H....*......$....f.......................g..(.......@............@...............................text...K%.......&.................. ..`.rdata...a...@...b...*..............@..@.data...............................@....pdata..@...........................@..@.rsrc...p...........................@..@.reloc..$...........................@..B................................................................................................................................................................................................

                                                                                                                              C:\Program Files\Avast Software\Avast\su_worker.exe.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):4899112
                                                                                                                              Entropy (8bit):6.496110678684277
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:2FE1DBBA21A2B6274E410B860B8C2B58
                                                                                                                              SHA1:336302246A5E7D32B62352489DB9C571A937F150
                                                                                                                              SHA-256:6CA4BCD08C63EA6D80A4351BBC0AE8684DC5AF1B512193C4AEF62CF9AB935C4A
                                                                                                                              SHA-512:725DC03108562C6A8807EF1F79A56EB932E627B1860B17C7808F420EF12E97B8AE958DAE8BA1FF710F44B43AF22EDD7BA9FAB742D7F02BFDC1809370E2791F1C
                                                                                                                              Malicious:false
                                                                                                                              Antivirus:
                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...................................P...........!..L.!This program cannot be run in DOS mode....$......._).m.H.>.H.>.H.>..=>.H.>...?.H.>...?.H.>...?.H.>...?#H.>P0.?.H.>.0S>.H.>M=.?.H.>.=.?.H.>.=.?.H.>.H.>.H.>M=.?.H.>...?.H.>P0.?8H.>.H.>tK.>.:.?.H.>q..?.I.>q..?.H.>q.?>.H.>.HW>.H.>q..?.H.>Rich.H.>................PE..d...a..f.........."....&. 0........... ........@..............................K.......J...`.........................................`F?.....DG?.......J.H.... H.4T..H.J..*....J..g..H68......................78.(....p2.@............00..............................text.....0...... 0................. ..`.rdata...t...00..v...$0.............@..@.data...Xf....?..4....?.............@....pdata..4T... H..V....G.............@..@.rsrc...H.....J......$J.............@..@.reloc...g....J..h....J.............@..B................................................................................................................................................................

                                                                                                                              C:\Program Files\Avast Software\Avast\wa_3rd_party_host_32.exe.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:PE32 executable (console) Intel 80386, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):2250032
                                                                                                                              Entropy (8bit):6.632064747900999
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:0B9199F978354026E8A571D0B87AEAB4
                                                                                                                              SHA1:C58872EF4CFC8994550E9C59CB70839AFEAADF31
                                                                                                                              SHA-256:C2F77F4AC4123B0083096D1AC9218A2DA14FA3C28399FE75F3970C740E962C6A
                                                                                                                              SHA-512:3E70085BFA174A74723959BF832CE10155C55DEF270431F3BB9401816468DFB8CF3E16F4108574900434FBFC5DFB3B325EF1DC0E797906E109514E513F38337F
                                                                                                                              Malicious:false
                                                                                                                              Antivirus:
                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.........p>...m...m...m..lv..m..l...mVn.m...me..l...me..l...me..lA..m..l...m..l...m..l...m...m...m...l...m...l...m...l...m...m...m..m...m...l...mRich...m........PE..L...@.Ef.....................(......`.............@...........................".....O%#...@..........................J ......O ......P!.`?...........,".0)....!.........p............................&..@...............<...TJ .@....................text...Z........................... ..`.rdata..ZW.......X..................@..@.data...x....p ..v...\ .............@....didat.......0!....... .............@....tls.........@!....... .............@....rsrc...`?...P!..@.... .............@..@.reloc........!.......!.............@..B........................................................................................................................................................................................

                                                                                                                              C:\Program Files\Avast Software\Avast\wa_3rd_party_host_64.exe.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:PE32+ executable (console) x86-64, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):2826544
                                                                                                                              Entropy (8bit):6.391159868198976
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:304F226DADC5468F039FE02DFAB3046C
                                                                                                                              SHA1:F50B4B6BED200B6EADF67508FCB6A7C68F1F5B13
                                                                                                                              SHA-256:E5410F5680C636EA57B4DBF730E7D1C2C17B43C43B10CB020AB254A1D793EA0A
                                                                                                                              SHA-512:5E6E82A3EA2C7B616BD17AF3EC0ECC3157525D0D530422A86474E4FB83A0AC8D7052A56C44646238AC19BE41BBEF9D0C7543A3EC8752CBF22D384B30AD14AECE
                                                                                                                              Malicious:false
                                                                                                                              Antivirus:
                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...................................(...........!..L.!This program cannot be run in DOS mode....$..........<V.noV.noV.noB.mnZ.noB.kn.no.#.oU.no..mn_.no..jn~.no..kn.noB.hnT.noB.jnN.noB.onG.noV.oor.no..jnE.no..fn..no..nnW.no..oW.noV..oW.no..lnW.noRichV.no................PE..d.....Ef.........."......|...x......@..........@..............................+..... d+...`..........................................o(.X....t(......0+.`?....).Df....*.0)...p+..(..0i$.p....................i$.(...P."......................o(.@....................text...\z.......|.................. ..`.rdata..r...........................@..@.data...t.....(.......(.............@....pdata..Df....)..h... ).............@..@.didat.. .....+.......*.............@....tls..........+.......*.............@....gehcont$.... +.......*.............@..@.rsrc...`?...0+..@....*.............@..@.reloc...(...p+..*....*.............@..B................................................................................

                                                                                                                              C:\Program Files\Avast Software\Avast\x86\dnd_helper.dll.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):853800
                                                                                                                              Entropy (8bit):6.048642008680808
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:B0E4EB0635E31BB353CB407AF3CEBEF5
                                                                                                                              SHA1:6F191DEAB17955511B74608E69208FA1C4987D5E
                                                                                                                              SHA-256:9A3BC6588AD182DB0B3C60966D86E62E85FEAE27B7888B71D0C84C7AB6351AB4
                                                                                                                              SHA-512:717E30F243F4198D9CDB750B1F2226451EE000055DC06F2236E0B6E168AF4468D15594E1E43B474EB22B1CA42396FFC41EE6456BE36EEA16D9022F0279111EC8
                                                                                                                              Malicious:false
                                                                                                                              Antivirus:
                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...................................0...........!..L.!This program cannot be run in DOS mode....$........l.\........................................;........uz....................*x......*x......;.........................................~.............Rich....................PE..L...x..f...........!...&.n...z......0)....................................... ......jG....@A................................H.......................H....*......._..P................................p..@.......................`....................text....m.......n.................. ..`.rdata...\.......^...r..............@..@.data...x...........................@....didat...............r..............@....rsrc................t..............@..@.reloc..._.......`...|..............@..B................................................................................................................................................................................................................

                                                                                                                              C:\Program Files\Avast Software\Avast\x86\snxhk.dll.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):346408
                                                                                                                              Entropy (8bit):5.955955562349347
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:B7DA8BBE3522BFEB8FB6300E67BD782C
                                                                                                                              SHA1:86337C44A3F966D3C09731DA6C36F5103B6601A8
                                                                                                                              SHA-256:3385077B54A386AC89B7B7C35E80B8912C9CD81D0E23AC05BEF9FE21F52A8799
                                                                                                                              SHA-512:52A06BEC60D015ADD3CE6CAA58CDA6F4D05F6876DFD43B9CB03EBD7CE9C959EC5506D449E53565621566F4C537C6087F77C907C985FB328B7C807F2115CEA4D8
                                                                                                                              Malicious:false
                                                                                                                              Antivirus:
                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........GU..&;..&;..&;.-T8..&;.-T>.t&;...?..&;...8..&;...>..&;.-T?..&;.-T:..&;..&:.v&;...2..&;...;..&;......&;..&...&;...9..&;.Rich.&;.........................PE..L......f...........!...&.^...................p............................................@.............................l.......<.......(...........H....*...P...4..........................@...........@............p...............................text....].......^.................. ..`.rdata......p.......b..............@..@.data....A... ......................@....detourcH....p.......,..............@..@.detourd.............>..............@....rsrc...(............@..............@..@.reloc...4...P...6..................@..B................................................................................................................................................................................................

                                                                                                                              C:\ProgramData\Avast Software\Avast\fw\config.xml.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):2126
                                                                                                                              Entropy (8bit):3.622805597920419
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:60424032333D4723D7F4FF7543A7AA76
                                                                                                                              SHA1:1FA9FA26B21439ADCD5258727F9CD0B954D0F5A1
                                                                                                                              SHA-256:BE79AFFC10F1D93F9AE438C6320FEED7846BCB0950CD32E8A564EEB59203B6EA
                                                                                                                              SHA-512:859A800DFD2DE9F0BC0F5E81A8F0AB80EEFCB56FE0A9E634AB8CD13881FFD26E13448529D9A0D096A61D5F1E410EEAD06DAC75A91B09FAF7F692D8884A41456C
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.A.v.F.i.r.e.w.a.l.l.C.o.n.f.i.g. .t.y.p.e.=.".C.o.n.f.i.g.u.r.a.t.i.o.n.". .v.e.r.s.i.o.n.=.".1.".>.......<.S.y.s.t.e.m.R.u.l.e.s.>.........<.A.l.l.o.w.D.H.C.P.P.u.b.l.i.c. .v.a.l.u.e.=.".1."./.>.........<.A.l.l.o.w.D.N.S.P.u.b.l.i.c. .v.a.l.u.e.=.".1."./.>.........<.W.i.n.d.o.w.s.F.i.l.e.A.n.d.P.r.i.n.t.e.r.s.S.h.a.r.i.n.g.S.e.r.v.e.r.P.u.b.l.i.c. .v.a.l.u.e.=.".0."./.>.........<.W.i.n.d.o.w.s.F.i.l.e.A.n.d.P.r.i.n.t.e.r.s.S.h.a.r.i.n.g.C.l.i.e.n.t.P.u.b.l.i.c. .v.a.l.u.e.=.".2."./.>.........<.A.l.l.o.w.R.e.m.o.t.e.D.e.s.k.t.o.p.S.e.r.v.e.r.P.u.b.l.i.c. .v.a.l.u.e.=.".0."./.>.........<.O.u.t.g.o.i.n.g.P.i.n.g.A.n.d.T.r.a.c.e.P.u.b.l.i.c. .v.a.l.u.e.=.".1."./.>.........<.I.n.c.o.m.i.n.g.P.i.n.g.A.n.d.T.r.a.c.e.P.u.b.l.i.c. .v.a.l.u.e.=.".0."./.>.........<.A.l.l.o.w.I.G.M.P.T.r.a.f.f.i.c.P.u.b.l.i.c. .v.a.l.u.e.=.".0."./.>.........<.A.l.l.o.w.M.u.l.t.i.c.a.s.t.T.r.a.f.f.i.c.P.u.b.l.i.c. .v.a.l.u.e.=.".

                                                                                                                              C:\ProgramData\Avast Software\Avast\fw\templates.ori.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):208062
                                                                                                                              Entropy (8bit):3.48572370021586
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:57C48534CB09FA5C69CC50F9DEE38780
                                                                                                                              SHA1:7F79A4C14AC785168AB952DF20BBFDC3CB8B4DAA
                                                                                                                              SHA-256:6981C6ED47732DCB649950F4A51B17FF3D366CCF14A51009F0B92D3F210B047C
                                                                                                                              SHA-512:35727437E3BAA2D23D178303989B0BD7D7338C656C7745496899854275DF36011546F4B7F93109D6F2E639C92FA14787B5014736AAC8166CAA16B50D8F610077
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.A.v.F.i.r.e.w.a.l.l.C.o.n.f.i.g. .t.y.p.e.=.".R.u.l.e.s.". .v.e.r.s.i.o.n.=.".2.".>......... . . . .<.!.-.-. .L.o.c.a.l.h.o.s.t. .P.u.b.l.i.c. .-.-.>..... . . . .<.S.y.s.t.e.m.R.u.l.e. .p.r.o.p.a.t.h.=.".a.v.c.f.g.:././.F.i.r.e.w.a.l.l./.S.y.s.t.e.m.R.u.l.e.s./.A.l.l.o.w.L.o.c.a.l.h.o.s.t.P.u.b.l.i.c.".>..... . . . . . .<.E.n.a.b.l.e.>..... . . . . . . . .<.U.p.d.a.t.e. .t.a.r.g.e.t.=.".P.a.c.k.e.t.R.u.l.e.s.".>..... . . . . . . . . . .<.S.e.c.t.i.o.n. .n.a.m.e.=.".P.r.e.R.u.l.e.s.". .i.d.=.".{.0.0.0.a.2.9.4.9.-.5.f.4.b.-.4.9.d.1.-.b.1.d.0.-.5.6.2.a.0.c.8.7.d.1.7.8.}.". .v.e.r.s.i.o.n.=.".2.". .p.o.s.i.t.i.o.n.=.".b.e.g.i.n.". .>..... . . . . . . . . . . . .<.R.u.l.e.s.>..... . . . . . . . . . . . . . .<.R.u.l.e. .n.a.m.e.=.".L.o.c.a.l.h.o.s.t. .P.u.b.l.i.c.". .i.d.=.".{.2.3.f.9.f.8.3.6.-.6.5.8.a.-.4.f.4.5.-.8.7.9.2.-.2.e.a.0.1.a.b.5.d.4.d.8.}.". .e.n.a.b.l.e.d.=.".1.". .p.r.o.f.i.l.e.=.".3.". .a.c.t.

                                                                                                                              C:\ProgramData\Avast Software\Avast\gaming_mode\dnddetection.dat.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:data
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):555659
                                                                                                                              Entropy (8bit):7.999646181497576
                                                                                                                              Encrypted:true
                                                                                                                              SSDEEP:
                                                                                                                              MD5:0BD42763975DC54AD5EFDCD321C750CB
                                                                                                                              SHA1:24202455A58C7CED31240A90603C6489728BBFCE
                                                                                                                              SHA-256:4845A0D7B287399933536C12AD5549FA4F4D49F42500C7311DC2C3C108480A7C
                                                                                                                              SHA-512:9204678DDEF894657C0F6BD5451294E104FFDEA90DAE12FC3F642547DEBB80435B0CC9D08680F50482BC1236DAF5AE1CD79C322EADCDE7765E9E251231753E79
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:]....a.;..=........y...>D.M..7.......4S.........l.+1.1..l]|N...7...fx.).N.D.5.F.w......'..Af.>[.u\v........t..E..&.6.u...0...,.V@aI..w.......N`.........N"....c.ZLO.Q.3.>/.g.Xy9.a>..u.SY....c.(...3).j.w..U..G=.vX..C.;v...0.88.._3.......0)dZ.*..f..x....A#vWF4I.'.....Gk..!.......5.;..q.Dl.MJ..?.....^..;Ds<e...........)&+.."..N....y.....C.".)....C.C.w.Y3. ,.%1Z.J... .wi..S....I.vt\w.:....oN.K.e.\.........~...V)7....Z'.....}..-.,..).i..K..fp../.e.E.........@.~v....#..5...I6$.UJ.T...*z.....tv...R...TN.(....q.M...F../G.o....R...(~.....y(....GT.{............qT*.^..6k.{. .F...U..{K1.....>...t.f.^F..x.L.........o.p.#o?.M..6..c5...x.<.u.B&.V.7...Qd$..I.{.6......cD..K..Z-.....A6..v..m.e<....p...a....L.8.A...S....P..].~}=.:T/XX....DcC_%...'.s.:...2.:...?.I..)....Ak...9...9..o5&..K[...`.T:r..5Ubm..u0$.M\A.\....G&..l..,j..g'.2.~.....af...6]xZ..{..B...9.f6.3E....o..O..W./7.+.`7...Q.).R....d..:......b....0..y.y..-..uis.!..J@By.v?..0.....1.aQ..'.$%&'.+...t

                                                                                                                              C:\ProgramData\Avast Software\Avast\snx_gconfig.xml.ipending.80cd7a23

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):15320
                                                                                                                              Entropy (8bit):3.6253361142370943
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:DB89473157A2109D2CC065B9C62ACD27
                                                                                                                              SHA1:D903A0ED7C5AA5A686C883A597894657A8C0BEB9
                                                                                                                              SHA-256:2B8D115E38B1AC4EA4FE0EA24006E4E2D7E6429F469B4FF0F1EA45FEE4E7E8D6
                                                                                                                              SHA-512:41486F90632E52127358B7A6046B347D47FFBDD62970ED67980B56C247F68ECE4D7D0250E19C28C7045AB3D4C9D7DB40E1AEAF2A4AB33D6AE4B591F05EBE3D3B
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.S.n.x.C.o.n.f.i.g. .t.y.p.e.=.".C.o.n.f.i.g.u.r.a.t.i.o.n.". .v.e.r.s.i.o.n.=.".3.".>..... . . . .<.K.e.r.n.e.l.>..... . . . . . . . .<.A.v.a.s.t.>..... . . . . . . . . . . . .<.S.o.u.r.c.e.D.i.r.e.c.t.o.r.y. .n.a.m.e.=."."./.>..... . . . . . . . . . . . .<.T.a.r.g.e.t.D.i.r.e.c.t.o.r.y. .n.a.m.e.=.".\.a.v.a.s.t.!. .s.a.n.d.b.o.x.". .f.l.a.g.s.=.".f.P.e.r.V.o.l.u.m.e."./.>..... . . . . . . . . . . . .<.T.e.m.p.l.a.t.e.s.>..... . . . . . . . . . . . . . . . .<.P.r.o.c.e.s.s.N.a.m.e.E.n.t.r.y. .f.l.a.g.s.=.".f.L.a.s.t.F.i.l.e.n.a.m.e.P.a.r.t.". .n.a.m.e.=.".f.i.r.e.f.o.x...e.x.e.".>..... . . . . . . . . . . . . . . . . . . . .<.E.x.c.l.u.d.e. .n.a.m.e.=.".%.A.p.p.D.a.t.a.%.\.M.o.z.i.l.l.a.\.F.i.r.e.f.o.x.\.P.r.o.f.i.l.e.s.\.*.\.b.o.o.k.m.a.r.k.*.". .i.d.=.".{.9.8.C.D.E.9.4.C.-.5.B.A.7.-.4.0.1.d.-.9.2.C.2.-.9.0.D.B.B.4.2.F.9.A.3.F.}."./.>..... . . . . . . . . . . . . . . . . . . . .<.E.x.c.l.u.d.e. .n.a.

                                                                                                                              C:\ProgramData\Avast Software\Icarus\avast-av\icarus.ini

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus.exe
                                                                                                                              File Type:Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):178
                                                                                                                              Entropy (8bit):4.925045770262572
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:FF8DD946D67B06B527E421AE253A3ACF
                                                                                                                              SHA1:B6C499D2657BE5C8997EF163B7392D714FE15F1A
                                                                                                                              SHA-256:6DF6FF325076733AB2C240D1B8276016F8BEEC33A0749B28EE35C97FB3FD0899
                                                                                                                              SHA-512:BDEA446399F2B18AD3BB7D5E24E7E5727AA82F7D526EBFD81CABA472BEF2F45A71731478E359BC84514AF2C6232E1E65BBC512FC8A5D9E4BBC35D3B7ED40D221
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:...[avast-av]..company-install-path=C:\Program Files\Avast Software..company-reg-key=SOFTWARE\Avast Software..product-dir=Avast..product-reg-key=Avast..program-data-dir=Avast..

                                                                                                                              C:\ProgramData\Avast Software\Icarus\settings\temporary_proxy.ini

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exe
                                                                                                                              File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):278
                                                                                                                              Entropy (8bit):3.4584396735456933
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:B8853A8E6228549B5D3AD97752D173D4
                                                                                                                              SHA1:CD471A5D57E0946C19A694A6BE8A3959CEF30341
                                                                                                                              SHA-256:8E511706C04E382E58153C274138E99A298E87E29E12548D39B7F3D3442878B9
                                                                                                                              SHA-512:CF4EDD9EE238C1E621501F91A4C3338EC0CB07CA2C2DF00AA7C44D3DB7C4F3798BC4137C11C15379D0C71FAB1C5C61F19BE32BA3FC39DC242313D0947461A787
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:......[.P.r.o.x.y.S.e.t.t.i.n.g.s.].....A.u.t.h.o.r.i.z.a.t.i.o.n.=.0.....A.u.t.o.m.a.t.i.c.E.n.a.b.l.e.d.=.0.....C.o.n.f.i.g.U.r.l.=.....F.a.l.l.b.a.c.k.=.1.....P.o.r.t.=.8.0.8.0.....P.r.o.x.y.N.a.m.e.=.....P.r.o.x.y.T.y.p.e.=.0.....U.s.e.r.N.a.m.e.=.....U.s.e.r.P.a.s.s.=.....

                                                                                                                              C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:Microsoft Cabinet archive data, Windows 2000/XP setup, 71954 bytes, 1 file, at 0x2c +A "authroot.stl", number 1, 6 datablocks, 0x1 compression
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):71954
                                                                                                                              Entropy (8bit):7.996617769952133
                                                                                                                              Encrypted:true
                                                                                                                              SSDEEP:
                                                                                                                              MD5:49AEBF8CBD62D92AC215B2923FB1B9F5
                                                                                                                              SHA1:1723BE06719828DDA65AD804298D0431F6AFF976
                                                                                                                              SHA-256:B33EFCB95235B98B48508E019AFA4B7655E80CF071DEFABD8B2123FC8B29307F
                                                                                                                              SHA-512:BF86116B015FB56709516D686E168E7C9C68365136231CC51D0B6542AE95323A71D2C7ACEC84AAD7DCECC2E410843F6D82A0A6D51B9ACFC721A9C84FDD877B5B
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MSCF............,...................I..................XaK .authroot.stl.[.i..6..CK..<Tk......4.cl!Kg..E..*Y.f_..".$mR"$.J.E.KB."..rKv.."{.g....3.W.....c..9.s...=....y6#..x..........D......\(.#.s.!.A.......cd.c........+^.ov...n.....3BL..0.......BPUR&.X..02.q...R...J.....w.....b.vy>....-.&..(..oe."."...J9...0U.6J..|U..S.....M.F8g...=.......p...........l.?3.J.x.G.Ep..$g..tj......)v]9(:.)W.8.Op.1Q..:.nPd........7.7..M].V F..g.....12..!7(...B.......h.RZ.......l.<.....6..Z^.`p?... .p.Gp.#.'.X..........|!.8.....".m.49r?.I...g...8.v.....a``.g.R4.i...J8q....NFW,E.6Y....!.o5%.Y.....R..<..S9....r....WO...(.....F..Q=*....-..7d..O(....-..+k.........K..........{Q....Z..j._.E...QZ.~.\.^......N.9.k..O.}dD.b1r...[}/....T..E..G..c.|.c.&>?..^t. ..;..X.d.E.0G....[Q.*,*......#.Dp..L.o|#syc.J............}G-.ou6.=52..XWi=...m.....^u......c..fc?&pR7S5....I...j.G........j.j..Tc.El.....B.pQ.,Bp....j...9g.. >..s..m#.Nb.o_u.M.V...........\#...v..Mo\sF..s....Y...

                                                                                                                              C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F2E248BEDDBB2D85122423C41028BFD4

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:Certificate, Version=3
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):1428
                                                                                                                              Entropy (8bit):7.688784034406474
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:78F2FCAA601F2FB4EBC937BA532E7549
                                                                                                                              SHA1:DDFB16CD4931C973A2037D3FC83A4D7D775D05E4
                                                                                                                              SHA-256:552F7BDCF1A7AF9E6CE672017F4F12ABF77240C78E761AC203D1D9D20AC89988
                                                                                                                              SHA-512:BCAD73A7A5AFB7120549DD54BA1F15C551AE24C7181F008392065D1ED006E6FA4FA5A60538D52461B15A12F5292049E929CFFDE15CC400DEC9CDFCA0B36A68DD
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:0...0..x..........W..!2.9...wu\0...*.H........0b1.0...U....US1.0...U....DigiCert Inc1.0...U....www.digicert.com1!0...U....DigiCert Trusted Root G40...130801120000Z..380115120000Z0b1.0...U....US1.0...U....DigiCert Inc1.0...U....www.digicert.com1!0...U....DigiCert Trusted Root G40.."0...*.H.............0..........sh..]J<0"0i3..%..!=..Y..).=X.v..{....0....8..V.m...y....._..<R.R....~...W.YUr.h.p..u.js2...D.......t;mq.-... .. .c)-..^N..!a.4...^.[......4@_.zf.w.H.fWW.TX..+.O.0.V..{]..O^.5.1..^......@.y.x...j.8.....7...}...>..p.U.A2...s*n..|!L....u]xf.:1D.3@...ZI...g.'..O9..X..$\F.d..i.v.v=Y]Bv...izH....f.t..K...c....:.=...E%...D.+~....am.3...K...}....!........p,A`..c.D..vb~.....d.3....C....w.....!..T)%.l..RQGt.&..Au.z._.?..A..[..P.1..r."..|Lu?c.!_. Qko....O..E_. ........~.&...i/..-............B0@0...U.......0....0...U...........0...U..........q]dL..g?....O0...*.H..............a.}.l.........dh.V.w.p...J...x\.._...)V.6I]Dc...f.#.=y.mk.T..<.C@..P.R..;...ik.

                                                                                                                              C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:data
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):328
                                                                                                                              Entropy (8bit):3.2216907290480865
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:7A7AE785C602DD274235079287C65BA8
                                                                                                                              SHA1:C6B180F83618849C9AFC8A61C9511B83A31EEE1E
                                                                                                                              SHA-256:A08D58872957C56939C657AD5534C465677A731D512DEC658DCFD7080DC1065C
                                                                                                                              SHA-512:8DE2192AE907CC36D63658AF06CB452E1AD484EC73E24F2D9983015D3F9EC36216FAB1D88045EEFAA6149713C290EA647A4582B3ABA3553134BC4D21B94FED73
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:p...... ........t..21...(....................................................... ........G..@.......&......X........h.t.t.p.:././.c.t.l.d.l...w.i.n.d.o.w.s.u.p.d.a.t.e...c.o.m./.m.s.d.o.w.n.l.o.a.d./.u.p.d.a.t.e./.v.3./.s.t.a.t.i.c./.t.r.u.s.t.e.d.r./.e.n./.a.u.t.h.r.o.o.t.s.t.l...c.a.b...".a.7.2.8.2.e.b.4.0.b.1.d.a.1.:.0."...

                                                                                                                              C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F2E248BEDDBB2D85122423C41028BFD4

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:data
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):254
                                                                                                                              Entropy (8bit):3.0341788374351526
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:F365F9612DA6B3401ABED366F3897BC4
                                                                                                                              SHA1:CEBD3C502A9A6996CB599E4C14FB4B06D7CE9990
                                                                                                                              SHA-256:2DC1BEA28199C9BD58C7D7D0B48742C23325F0CF3A665A9E3E4234DF14EE9473
                                                                                                                              SHA-512:09AAE9C0D49B9E196CC025CDA188600861207E321705DCC5C2A303266568BB441504D246659E8FDA7ECE12CB306B1051E3F0E0C3A669807661311DF2A15E49DB
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:p...... ....l...#&.11...(....................................................... ............n......................h.t.t.p.:././.c.a.c.e.r.t.s...d.i.g.i.c.e.r.t...c.o.m./.D.i.g.i.C.e.r.t.T.r.u.s.t.e.d.R.o.o.t.G.4...c.r.t...".5.a.2.8.6.4.1.7.-.5.9.4."...

                                                                                                                              C:\Users\user\AppData\Local\Temp\6358C710-B89F-46B9-93F2-F6CAC44F5286

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exe
                                                                                                                              File Type:data
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):1128
                                                                                                                              Entropy (8bit):3.8589539412166585
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:FF6A65A96FA6F9944C6CEF4E38038FFB
                                                                                                                              SHA1:283045F8EEE8417A12DB1994ABB18775DDAF3E0F
                                                                                                                              SHA-256:6099338DA8F14AA7990BBF318FED82BF45E0B084134FC55A689F1CA9485F8A2D
                                                                                                                              SHA-512:C937D4A8861B8F964B177F7A97ACD639899EFD13C78E3FEF8AB6829D88052AD0A0CC5829742318E43F6C1FF092CDF1F2347F08D9924F4CD272EEE7E576D8332E
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.Q.4.r.M.2.L.X.q.G.k.G.K.r.U.J.w.j.m.P.t.C.g.Q.A.A.A.A.C.A.A.A.A.A.A.A.Q.Z.g.A.A.A.A.E.A.A.C.A.A.A.A.C.f.U.L.b.k.S.F.P.C.Q.S.0.y.f.E.V.B.u.F.F.Q.H.+.q.Z.r.2.+.E.f.T.b.k.3.U.E.E.1.I.s.D.h.Q.A.A.A.A.A.O.g.A.A.A.A.A.I.A.A.C.A.A.A.A.C.j.X.V.0.e.X.8.0.Q.R.4.x.Y.s.Z.h.P.r.T.K.Q.j.h.p.9.M.6.B.3.1.8.M.j.v.C.X.M.w.Q.K.x.o.t.A.A.A.A.A.L.X.L.W.i.D.N.U.d.x.p.n.f.F.q.M.i.v.5.7.n.b.L.j.z.e.I.D.b.r.b.c.J.X.g.d.J.s.B.Y.N.p.b.h.o.h.2.l.C.h.Q.U.M.B.2.c.V.P.y.L.X.w.U.V.A.O.2./.f.F.e.s.C./.V.e.g.3.J.J.O.2.r.r.Z.B.0.n.+.Z.C.h.d.S.Q.L.K.3.T.A.I.X.Q.U.l.+.Z.6.r.M.x.6.I./.j.o.1.z.x./.4.V.v.L.3.p.k.W.7.4./.G.p.9.i.y.X.I.1.E.9.Z.W.r.z.e.C./.H.3.W.G.M.n.x.Z.Q.n.X.T.0.V.h.A.7.Z.k.V.h.A.3.y.0.O.B.O.Z.I.C.r.k.F.G.a.d.3.w.I.h.Y.r.t.M.Z.X.9.P.Q.w./.M.r.B.J.z.G.6.T.D.9.m.J.4.l.+.0.7.B.a.5.o.V.u.W.k.m.7.L.2.f.W.q.D.R.e.W.t.B.K.H.9.A.h.w.k.u.g.H.1.r.u.+.+.Q.J.n.3.P./.V.m.V.j./.g.b.u.6.K.P.k.C.K.S.S.8.z.Q.A.A.A.A.F.6.+.c.e.N.z.6./.H.X.A.H.P.f.Z.8.B.h.j.m.G.g.

                                                                                                                              C:\Users\user\AppData\Local\Temp\D566D7D7-DCD6-471C-8109-BE0AD33199E3

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exe
                                                                                                                              File Type:data
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):64
                                                                                                                              Entropy (8bit):2.8201597655573916
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:0B757099B383418D5525A45E104AE534
                                                                                                                              SHA1:28A9AF45605A36C1BA45916F0C3722472B570AC8
                                                                                                                              SHA-256:840B07AA1D9058F09F18E7447DCC365B0BA30B97C46655848339945DD8D58D83
                                                                                                                              SHA-512:7DB765CBE8F9F9BD65613B0CA24126BAFD3548F3C72934B7099DE43BB7E0C123061DE69255D2497F2D8698E0AA58B2EDE8B45C3D7FBDE223A1A49E50B4A47AA6
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:4.5.9.0.B.C.F.E.E.E.C.5.A.0.C.6.A.5.E.9.A.3.8.4.B.C.5.F.1.0.7.7.

                                                                                                                              C:\Users\user\AppData\Local\Temp\F07D8C6A-04B6-4025-869C-70A788D7B5C0

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exe
                                                                                                                              File Type:data
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):72
                                                                                                                              Entropy (8bit):2.8763576394898522
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:90F6146846D0C9BBECB1515DD2A21221
                                                                                                                              SHA1:7938A5BD6C871BB0A2C6D45DE97E3C72271B1F5D
                                                                                                                              SHA-256:FF255ABC334DD5B4F62A12819A84B9D8D359811CA8EFE9618E8BD094A119E068
                                                                                                                              SHA-512:4CABD16CE4A70E53EDB26C9C6DAA7C0815B9CDA0A76E71135F0995435C5B23386ACF51C2BBE5FA04AC912C0FECF17887BAAB6933904F96CD179632DE1BF884C2
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:5.4.0.3.a.5.3.8.-.6.6.a.7.-.4.d.6.f.-.9.5.2.9.-.5.7.4.d.e.3.9.6.a.f.0.1.

                                                                                                                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 14 11:03:46 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):2673
                                                                                                                              Entropy (8bit):3.9824756043382417
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:B4DCFA4BDE24ACD6DFD650B497F80E86
                                                                                                                              SHA1:4493F4330CDFB01A118A52EA5784F5282A05F079
                                                                                                                              SHA-256:9F368868BF9D34CBCFCE94DC9F4864D77DE3D32D40BAE2641440872218F0772A
                                                                                                                              SHA-512:91D8B41B45D9359F3502E5544710860CCC6877DCC3C9D824F6D974731A6C8A8C6FC570B770567156967B6C887E39F6D0609C48427951D27ED9F5A8E641534950
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:L..................F.@.. ...$+.,.....U..1...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.INYj`....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VNYv`....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VNYv`....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VNYv`..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VNYx`...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............Sg.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 14 11:03:46 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):2675
                                                                                                                              Entropy (8bit):4.000422494897185
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:9F6A1FF67520F8BF144E30FB9CB0E89A
                                                                                                                              SHA1:DF3DB9C88D98B620A52DDBC84049C1996AEF3281
                                                                                                                              SHA-256:2AF22F237E4AC3EACE9907DB24A2E995FF9E08D2DA8171BE5AC361DC4AA3209E
                                                                                                                              SHA-512:39C18CF4B5D5360F7465ACBC7605EDDA6F432C31D116795B7C1F1123F75E7697E8B678C7B34A90E15D07260F9B6DDBAF6407B5D4F4CE3A301B68CB2A22A8E500
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:L..................F.@.. ...$+.,........1...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.INYj`....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VNYv`....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VNYv`....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VNYv`..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VNYx`...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............Sg.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Fri Oct 6 08:05:01 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):2689
                                                                                                                              Entropy (8bit):4.0055699580229085
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:1CC38B557DF9819F7343A53B3CB3F768
                                                                                                                              SHA1:9B0B3038F69CF8CBC25DA90BCA5210179DD45BD5
                                                                                                                              SHA-256:B8F8C439063159F9154E38EB528514751BB60397965CD455CD91C296640D24A4
                                                                                                                              SHA-512:9581286C843E07B8333095B7CC250397C4333AFD35EB64AD3EA49101A8618378529B1F261F7ABF6FEDB23DCD8DA0ECFCC5558BB98D542DA221175E521ECA8DF5
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:L..................F.@.. ...$+.,.....Y.04...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.INYj`....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VNYv`....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VNYv`....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VNYv`..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VFW.E...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............Sg.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 14 11:03:46 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):2677
                                                                                                                              Entropy (8bit):3.9967089536798674
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:777F69F5C39E9F0778C68D0F6C9B6925
                                                                                                                              SHA1:7E2EFE3023A1F397B33385CC33D9CE07A87E03D5
                                                                                                                              SHA-256:08F8277D36A4EB5E30A18631704BBF8497EBE036D0067F9230FADB98F788F2DA
                                                                                                                              SHA-512:49E194EDBA2A5AB8D1FC76694170D794A39B1EC9A16DA5D64ACE423E2EE07797E54D07FB339C64DBB4A2A1D5712B2E9566E9684DA1ACDBE75E5B4DA156075F8D
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:L..................F.@.. ...$+.,.......1...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.INYj`....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VNYv`....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VNYv`....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VNYv`..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VNYx`...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............Sg.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 14 11:03:46 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):2677
                                                                                                                              Entropy (8bit):3.9870497572576094
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:596B42BB5D103DF2A54CB9B423379406
                                                                                                                              SHA1:8FA7B7B8A3BDD11FE12FA0AA3D2CCC5C147C0756
                                                                                                                              SHA-256:9B57EC54494C1638099E58538EEA17F3D9731F9EFF9D5FADF5F660BCFA62B88A
                                                                                                                              SHA-512:B0629F23C1BE19908E08AE45D8FA84E76D8542441888E36AEF4CB709EF5840BCC8EA4B42A753DB7F73809B27A993FAB4F069459D77A66139D598FA62A0C6D70C
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:L..................F.@.. ...$+.,.......1...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.INYj`....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VNYv`....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VNYv`....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VNYv`..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VNYx`...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............Sg.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                              C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Oct 14 11:03:46 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):2679
                                                                                                                              Entropy (8bit):3.993528120378155
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:B35A0890066DD7F272E13BDE6522F10A
                                                                                                                              SHA1:9C3672E6A5D10A4C387F8D4DCE0974CC7DFFE3CA
                                                                                                                              SHA-256:0C6409478B3FC542298F9259C4EA2B7629420AB17527ED1AC9F05794925E4F32
                                                                                                                              SHA-512:3349B844CF7F1129C85FEA511E1F21FA87C0BBB84F22F429EEB6FA92DA82DC87B524DEE83092437931BFB76D3FCC6D083207DC890DF6A66D4F9108042F967681
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:L..................F.@.. ...$+.,......u.1...N.Yr.... w......................1....P.O. .:i.....+00.../C:\.....................1.....FW.J..PROGRA~1..t......O.INYj`....B...............J.........P.r.o.g.r.a.m. .F.i.l.e.s...@.s.h.e.l.l.3.2...d.l.l.,.-.2.1.7.8.1.....T.1.....CW.V..Google..>......CW.VNYv`....L.....................p+j.G.o.o.g.l.e.....T.1.....CW.V..Chrome..>......CW.VNYv`....M......................8..C.h.r.o.m.e.....`.1.....CW.V..APPLIC~1..H......CW.VNYv`..........................."&.A.p.p.l.i.c.a.t.i.o.n.....n.2. w..;W.+ .CHROME~1.EXE..R......CW.VNYx`...........................H..c.h.r.o.m.e._.p.r.o.x.y...e.x.e.......j...............-.......i............Sg.....C:\Program Files\Google\Chrome\Application\chrome_proxy.exe..S.....\.....\.....\.....\.....\.....\.....\.....\.....\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.\.c.h.r.o.m.e._.p.r.o.x.y...e.x.e.*.C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s.\.G.o.o.g.l.e.\.C.h.r.o.m.e.\.A.p.p.l.i.c.a.t.i.o.n.F

                                                                                                                              C:\Users\user\Downloads\15902c04-aec0-45b7-9afb-395cc40bae76.tmp

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):1177
                                                                                                                              Entropy (8bit):3.7602203758837263
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:1CFBF6E2A10C03F4A4CDBCC559A62B1F
                                                                                                                              SHA1:8763A1ED491501688A924B126843F0F9CDCF964B
                                                                                                                              SHA-256:3BE4EF62835DEED1A8E78C67BE2A35AB2B42BB61345FC46A58B6D77103949948
                                                                                                                              SHA-512:1DF863F36CA210F0DC39522B1FD475210D118304A80281593E5EFFECDC0A33F40D11FC11CAB738E99837B470B58C91B8F22AC78C01F38B445F6704B66CC962E8
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...................................(...........!..L.!This program cannot be run in DOS mode....$..........M..]M..]M..].'.]F..].'.]..].'.]U..]...\_..]...\[..]...\O..]...\}..]D.}]L..]D.m]B..]M..]...]D.z]L..]...\@..]...]L..]M.i]O..]...\L..]RichM..]........................PE..L....(.f.........."......,...~...... ........@....@.................................mj....@.......................................... ..X...........H....*..............p...................0........^..@............@......,........................text....*.......,.................. ..`.rdata......@.......0..............@..@.data...8...........................@....didat..P...........................@....rsrc...X.... ......................@..@.reloc..............................@..B........................................................................................................................................................................................................................

                                                                                                                              C:\Users\user\Downloads\Unconfirmed 978694.crdownload

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):249072
                                                                                                                              Entropy (8bit):6.646342233108767
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:669DB7E7BA18C30B53F3D2FA12599ED6
                                                                                                                              SHA1:B3B5CEC2A259515CD6D6CFB72C75126CCBE14745
                                                                                                                              SHA-256:22E16FA8797FD3E2723C85879C6D55D979D68292C75112770F7B2EDD237B34C5
                                                                                                                              SHA-512:1F4F99E0263B14403500077CF0492DC0ACE0B997687000A4087C00478FF6183A4EC92024545699DCE099A0067E477DCC9B169348098EAF85698B9AF9DC84491D
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...................................(...........!..L.!This program cannot be run in DOS mode....$..........M..]M..]M..].'.]F..].'.]..].'.]U..]...\_..]...\[..]...\O..]...\}..]D.}]L..]D.m]B..]M..]...]D.z]L..]...\@..]...]L..]M.i]O..]...\L..]RichM..]........................PE..L....(.f.........."......,...~...... ........@....@.................................mj....@.......................................... ..X...........H....*..............p...................0........^..@............@......,........................text....*.......,.................. ..`.rdata......@.......0..............@..@.data...8...........................@....didat..P...........................@....rsrc...X.... ......................@..@.reloc..............................@..B........................................................................................................................................................................................................................

                                                                                                                              C:\Users\user\Downloads\avast_free_antivirus_setup_online.exe (copy)

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):0
                                                                                                                              Entropy (8bit):0.0
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:669DB7E7BA18C30B53F3D2FA12599ED6
                                                                                                                              SHA1:B3B5CEC2A259515CD6D6CFB72C75126CCBE14745
                                                                                                                              SHA-256:22E16FA8797FD3E2723C85879C6D55D979D68292C75112770F7B2EDD237B34C5
                                                                                                                              SHA-512:1F4F99E0263B14403500077CF0492DC0ACE0B997687000A4087C00478FF6183A4EC92024545699DCE099A0067E477DCC9B169348098EAF85698B9AF9DC84491D
                                                                                                                              Malicious:true
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...................................(...........!..L.!This program cannot be run in DOS mode....$..........M..]M..]M..].'.]F..].'.]..].'.]U..]...\_..]...\[..]...\O..]...\}..]D.}]L..]D.m]B..]M..]...]D.z]L..]...\@..]...]L..]M.i]O..]...\L..]RichM..]........................PE..L....(.f.........."......,...~...... ........@....@.................................mj....@.......................................... ..X...........H....*..............p...................0........^..@............@......,........................text....*.......,.................. ..`.rdata......@.......0..............@..@.data...8...........................@....didat..P...........................@....rsrc...X.... ......................@..@.reloc..............................@..B........................................................................................................................................................................................................................

                                                                                                                              C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\bug_report.exe

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exe
                                                                                                                              File Type:PE32+ executable (console) x86-64, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):5868840
                                                                                                                              Entropy (8bit):6.512868694987623
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:E50EC8EB210E6BE25F4A0F1ACE59B1AC
                                                                                                                              SHA1:0211B066529F3A2AA758388E3BF2302B53A85100
                                                                                                                              SHA-256:4D714C4F8BA36ED20306160040C3EA17AAA088758583A8E79982A3209DA1DF07
                                                                                                                              SHA-512:09F42393D99BC294AFF5FF56B4353AB45038A0B5BD5348BD81FC5B73F2AD8DC49EF2ED70104C6A5F90F1E169D2B1DA2A891A79C4DD3356BA4C584813CD2667E0
                                                                                                                              Malicious:false
                                                                                                                              Antivirus:
                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...................................P...........!..L.!This program cannot be run in DOS mode....$.............~...~...~.".}...~.".{./.~..b....~..bz...~..b{...~..b}...~......~...z...~.;.z.j.~.3.z...~...~...~...{...~.;.{...~.".z...~.".....~.......~..bw...~..b~...~..b....~......~..b|...~.Rich..~.................PE..d......f.........."....&..=.........0..........@.............................PZ......RZ...`...........................................N.......N.h.....Y.......V.....HbY..*....Y..p....F.......................F.(...p.F.@............ =..............................text.....=.......=................. ..`.rdata..>.... =.......=.............@..@.data........O.......N.............@....pdata........V.......U.............@..@_RDATA........Y.......X.............@..@.rsrc.........Y.......X.............@..@.reloc...p....Y..r....X.............@..B........................................................................................................................

                                                                                                                              C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\bug_report.exe.lzma

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exe
                                                                                                                              File Type:LZMA compressed data, non-streamed, size 5868840
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):1819782
                                                                                                                              Entropy (8bit):7.9998971852649
                                                                                                                              Encrypted:true
                                                                                                                              SSDEEP:
                                                                                                                              MD5:51F473B9A99CAB66371ACCADCE46CFA0
                                                                                                                              SHA1:9EAA9EB1DD54BA36C17F4F8B56735B0F874D76D1
                                                                                                                              SHA-256:AEB9ED6E91B80031E832198E7CB3AC680EEFE8F8CEDC4F72CDA5CFBD9DC4C4F7
                                                                                                                              SHA-512:410A5B97065D7278107D43049FF24AF2650ABF18346118E9FA0DA94A7426A53F19557E5C84F8E03A9594C4EF143F593E4A8C820D483B854E7856AA68D1C4EBCB
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:]..@.(.Y......&..p.........../D.|......e.F<w.,...vY.Ta.....NE..1E...V..Z..m9..^../:Y!....y....eg..D....6.<R.IZ....{E.B.........!...P.*.5...2.>p....<.H.X.......d..)....4..=...Z.G.p.NU.#Ut3+.aA.#.\.....=V.*...V..........T...@.v.E..d..b...l.o<.........p.~.t.Yk0[h.p.%.1eW=\2.R~t..I^..KP..:.A.6z.i..V.../.Mz..........K.....O.]........E wI....t.i{Q..@...C$.+...t.O.X..8..Q..L...f....~f..s....$oN-..t..i..V.b.i.'..........#....?C.....[.q....~[.v..)u..M.~(.E..]...]S..m.\X..."...>...p....g,$...e.).=.:.D!L.Q.FO.R.....s}......l%c..NM.....{.NU7.......V%..^W..zO...sey;......:!....tb4.'(x..%.|.D .(..]..OK...e..]..uJ......9.K=.v@..u[....=Q..../fS.d..L.@..Y..&>..L.....z.......r)..y...[.....0i..Q.!..D:oA...{..L.x..S.;CzC.`........Q..,,q....eI.j...7..K|........s{.++f....6..?..q}`.w.?&Ms3...2@|..%*.....s},...#...,I.b..u..)..:~..?.+@..l..I ...ESb.H.<...:..(.+p.....+].....s.tq.wcp....?..3.6.&..qS.u'...O.....t,.35......)3.J.Y...'....:.......4Ze.....r..V..'....m...~,.W.

                                                                                                                              C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\config.def

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exe
                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):549
                                                                                                                              Entropy (8bit):5.443032726347192
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:3E9C87EF79AEC6EF3AF203B32B003198
                                                                                                                              SHA1:82D9DBECBB20FF8160439D9F7D8B87466BCDFBEF
                                                                                                                              SHA-256:E3E8CBE0A09239F7C977BFC7D283C32E1A8DACD5FADC2F6643724E4E68CB8489
                                                                                                                              SHA-512:88E65718A1D7B538C14822CBFE1EEA21DD8C102C9B3C0C4B6DFF719EC0F74E3C5C5B83B630F4C8506049B1E793EC2A1F4AED279BC44F904CA8355A0E1C4BFDC5
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:[ui.offer.actions]..url=https://ipm.avcdn.net/..[ui.offer.welcome]..loadtimer=10000..url=https://ipm.avcdn.net/..[reporting]..disable_checkforupdates=1..report_action_ids=RID_001,RID_002..[common]..config-def-url=https://shepherd.avcdn.net/..report-url=https://analytics.avcdn.net/v4/receive/json/25..[ui]..enable_survey=1..[updating]..conceal_hours=1..fraction=100.0..updatable=1..[Signature]..Signature=ASWSig2A0839A62016BD5ADC618C81BD649502F9846A4D7C56363532F6617DE20034C5FB42DDCB5BE37254EFE49170A8C56892BA45C951678781E3138DF47450818061C8ASWSig2A

                                                                                                                              C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\dump_process.exe

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exe
                                                                                                                              File Type:PE32+ executable (console) x86-64, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):3488040
                                                                                                                              Entropy (8bit):6.470785936441
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:FCEDB4B8C9E1D3A0A1F56ACA285E73E7
                                                                                                                              SHA1:6C019524E3C87111F6796189C682B76C94964682
                                                                                                                              SHA-256:C2656D9FDF3736FBC2FE992E92BB1D57F436CA83D18F78D627C4D2743967053C
                                                                                                                              SHA-512:007590251984434F066D774394F9803AA67E15D6548E78936F7920132E14712E7563B0CD98835C72A2F0EFD505DBB1EF89F80FD8F16ECABF19904183D01E22D8
                                                                                                                              Malicious:false
                                                                                                                              Antivirus:
                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...................................@...........!..L.!This program cannot be run in DOS mode....$...........Ij..Ij..Ij.....Bj......j.....Uj..O.c.Jj..O..[j..O..]j..O..=j..@...Kj.....Hj..Ij..Nj......Jj.....Pj.....@j..Ij..k..#..j..#..Hj..#.a.Hj..Ij..Kj..#..Hj..RichIj..................PE..d......f.........."....&.v .........P .........@..............................5.....^.5...`...........................................,.......,.......4.8.....3....H.5..*....5..V....&.......................&.(...p.".@............. .p...`.,.@....................text....t ......v ................. ..`.rdata........ ......z .............@..@.data........@,..4...$,.............@....pdata.......3......X2.............@..@.didat..P.....4.......3.............@..._RDATA........4.......3.............@..@.rsrc...8.....4.......3.............@..@.reloc...V....5..X....4.............@..B................................................................................................

                                                                                                                              C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\dump_process.exe.lzma

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exe
                                                                                                                              File Type:LZMA compressed data, non-streamed, size 3488040
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):972311
                                                                                                                              Entropy (8bit):7.999797082112348
                                                                                                                              Encrypted:true
                                                                                                                              SSDEEP:
                                                                                                                              MD5:138E9A100B5576C39603D807977A424B
                                                                                                                              SHA1:E4E5AB2AB970ED6D46D9726F8BAFD8FB6D1A3D99
                                                                                                                              SHA-256:419F3F8124A2D5DB490D42C260BC052B040D2FD56ECBD38AD8405DB691AC5490
                                                                                                                              SHA-512:92F3BA94B96E4DD39D7698250099B99FC2B9C3985B00E84C31893317DD1CAA948FEAC54B9445E6A88F123AB2EA20E9C7910F34F42F3C8AB4A3ABBB2616B0166C
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:]..@.(95......&..p.........../D.|..b..6>..p.}#......G...)p{` ..i=`...k.<....G..7.p..C..K.N.......j..u-.r...........u.t..h.........x..B.......<.B..y...A..F.=.i.R.W..3gK.6.X........3...YM.?.k.W.H...\<.$..a..}.G:&.^....Z..n=O..X?....f.K..5..T.tJwt[.Y.l.S...v..|.^_.Y .%.l.@.TE....~.P(..^..r...O..... <.....h.a(.....k.)&.S.....[...'.%.....|8..~..<I*..lp.-.l.yH.....K.I.{......%.N...d.....$..].x.*C..i}...?.tkYj.(.r....3b..s.UwU.4.Kj.y.v=S.....Q...)\*..z.3....Z.d1.~&'.......V"]y.K.3.W.[.......|.^g.WU.R.^..kf>..|..J...:% ^..<..`7P.....(<.D.....n..L. .*.84..S...R..........X.&."..dh/.b.2.T...v...4.......x..@.rb...R_!|Cj...O....V.. [.........8G.Zg."8..J..].8...@....C.^......).......2.c[.....I.3..d..G.Ze..W.c.yc.uxz*..8.....3U...9..37E.....+....Bp.D.T...GR.>XD..O#.G.<..`+..6&..6..5..z&.}.i?...3sk..!$U....*...o.0.:..%6C..X....'...:..}.3i.X}p..m"!Q.._..h(Y.$..*@.~.'.X_.m..H.:'L#.;kZ.&.m.2......./.|1_;.Bs.]'*87...}.W?5.T. %q.........?. ..|.\.6{.

                                                                                                                              C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exe

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exe
                                                                                                                              File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):8199464
                                                                                                                              Entropy (8bit):6.437330573598039
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:F77C9CB91B343A8D457E9C813A1B3C25
                                                                                                                              SHA1:20B137C7ACADAC4679278B3BD36E1542066321EA
                                                                                                                              SHA-256:54BA3E89BC201930A35D3EC76AC2CB6CACA1A3BF113F4684057A45CAF47FC29C
                                                                                                                              SHA-512:1EA2EF17BAA6F2BE9341565BE3AE6CC8EC1E350366B3714F2432356C7A48C1B5D315B64DB4BC5473337A505D041DC9EC40A72D13317D9BF7BF52F9DB7CB74A9F
                                                                                                                              Malicious:true
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...................................h...........!..L.!This program cannot be run in DOS mode....$..........\H...H...H...............I...Nm5.D...Nm..[...Nm..Z...Nm..5.......X.......n.......K.......@.......K...A.[.J.......R...............K...H...E.......I.......U...H......."m..B..."m..I..."m7.I...H._.J..."m..I...RichH...................PE..d...G..f.........."....&.bW..^&.....P.1........@............................. ~......}...`.........................................@4o.....$5o.......|......Py..h..H.|..*....}.....8od......................qd.(....[.@.............W......0o......................text...,aW......bW................. ..`.rdata........W......fW.............@..@.data...(.....o......Zo.............@....pdata...h...Py..j...Xx.............@..@.didat..p.....|.......{.............@..._RDATA........|.......{.............@..@.rsrc.........|.......{.............@..@.reloc........}......h|.............@..B........................................................

                                                                                                                              C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus.exe.lzma

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exe
                                                                                                                              File Type:LZMA compressed data, non-streamed, size 8199464
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):2439998
                                                                                                                              Entropy (8bit):7.99993744988573
                                                                                                                              Encrypted:true
                                                                                                                              SSDEEP:
                                                                                                                              MD5:EA34DFDE53D47E1A6146A5758E87D1D1
                                                                                                                              SHA1:D30AC8EFB5E3DD80A81637345B50EC3E60570B56
                                                                                                                              SHA-256:0F37BDEA72DAE09E4719D311E6DF07CED19B5B04D7C451C7C985104C3DA197F1
                                                                                                                              SHA-512:E51D879C8D47E13CBA0FB39AC65C64862DDF8E1C98EB4517AE98655ADECB7E6ABD1E2078E2C6BD22E82007B6F2A70547A873FC7295E2FAA11F035F1D9A52A6EA
                                                                                                                              Malicious:true
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:]..@.(.}......&..p.........../D.|...C..I0..y.]n.u......i...7.....B]......F2$1..../e.Y.....f|..|9..Cq.F.j..%B.}B...=.#...c.7h'b....K..I#+...c.6...x.x....|....E...Oh..\.....U..V..q..G.d.5@..$."c...,..R..c5h(..... yo.....hq.V.I...`M.G.y.'.%..Q..?...N)..CS...Ys.1........3S...^.>..Xn.|,=.3..,..)..#...<....]...&..m}q..y.......5Rj...........`.u7.).x.(...G....[.........a.p.8..I.."9j.B.<.....a.......`N.o...6....@?p.C...,....e.`...(.....E.2]..h1b.........+.....N..};.{.=%.(;e.}.@.y1^....q.C.......U.V......_Z....c..e.Z.Lt..@.jnD..0..R..iX$............d{..KOrr62e...co.fB.g.O%c..(le.{...Ts.f^G........L3x..L..|Vg.t.F.v...MY@.a.?d9~V.d..n+.......A^t....:q..g.'i.....p........F./......MW..........ezr.........gV35..[.r.u...."v...|b.W/(..L..,...a..O6{..=.u..AE.....r.@...Q..'....7v..V..c.(....~....1..5.Yu@.@ki.Zi.-......~.Y...'..[o.....W.\.....r...h.<......nH.9.Q...7...8..Rqq.T.K..$.y.N=k.a...U;.X.....v.:o...A~>....g.97.'...Ie..1......ZS.........c%.c.e.

                                                                                                                              C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus_product.dll

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exe
                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):879400
                                                                                                                              Entropy (8bit):6.5884443633873815
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:5E9D588615C4FC8500DC963C5141E3AC
                                                                                                                              SHA1:D843BF92A48759213D83C751394819C958882DF8
                                                                                                                              SHA-256:8CCAC86916FA772E6581C79857B3F6DC666492C26FEFF65C13BCF28653FC1FA2
                                                                                                                              SHA-512:C56CB1F0BDCF46BDDFAFA8FAAFA45019DC0570CEBBFFDE2DF93EB24F213BD4C4E66D65A344CD0493BBAA00D700A72884F6984964BBFEE0BF5D35590F0DB5E230
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...................................h...........!..L.!This program cannot be run in DOS mode....$..................y....y..}...%O...%....`....%.....%....y................`.....!........`......h........y....y.........%.......%.....%M...%....%....Rich....................PE..d......f.........." ...&...........................................................s.....`A.........................................r.......s...............P...j..H@...*......................................(...@...@............................................text............................... ..`.rdata..............................@..@.data............H...t..............@....pdata...j...P...l..................@..@_RDATA...............(..............@..@.rsrc................*..............@..@.reloc...............0..............@..B................................................................................................

                                                                                                                              C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus_product.dll.lzma

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exe
                                                                                                                              File Type:LZMA compressed data, non-streamed, size 879400
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):326690
                                                                                                                              Entropy (8bit):7.999506423310559
                                                                                                                              Encrypted:true
                                                                                                                              SSDEEP:
                                                                                                                              MD5:A8CD835190C94A3CA4E61E4FC72B060D
                                                                                                                              SHA1:3D55BC6E4916D757EB29CF0E911484DBE40299BF
                                                                                                                              SHA-256:99103DA32696AA2FEC09EE971D1D792AAAE331EAF0D45E8135C725F7155CC658
                                                                                                                              SHA-512:7872F384C25A49983B310F1E91DAAA4FF3578BEBE377DE41121C74FF7EC2F1A4E6F7AB9E251E16E37765C8798E62EA20C29638D2BF79A7090745C578425ACD5D
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:]..@.(k.......&..p.........../D.|...C..I0..y.]n.u......i...7.....B]......F2$1..../e.Y.....f..b..A.x..|.&..@....&Ov?e.*.o...\i.. d1...I..;..[.^.....q......k..s..J..........B.5w...Y-g(.!L...5.]....@..c..o..~..9|......."b.@woJ....[T..G..,W3...J...Pu.....7..(.;........#...m....t;Y..zc..-&7J.K..cI..}^z2....v.i.,...*......P.......7..._z....;.q......^.V....._.1......U....5..N..Nx}Q{4.,...P(>..~. 3,X-....>$q]..i...#..2.....-B,.E.xh..M...+HFn..ic...P..8......QO...D!g,._..n...... .wQ.#*C.....?....;5..d.<=.a!|......0DP.Q..x.^...;h........i.....E#......Kr+.K....X.3...b.................f....c.|....i.]...Lq...Z%.!...R_.2.x..n.K......\......c.........jRW..p.8A7y..]o.r=..bt.....P.).^`...@.......].=........<._`.]{..1........m.?.....L`.]M.+....W....CK.~.....,...H....p*NL........G.Y?../BW.&b..&...\<,R..L.}#.>....X.{H.M.{&.t........e.n....9`kw......r.$.P..c.o~...t.......]..%.- Q.........O.R....*.-.&.e.X.m........49eI........o..3.[.....B..`.,1.t3Q

                                                                                                                              C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus_rvrt.exe

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exe
                                                                                                                              File Type:PE32+ executable (native) x86-64, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):50976
                                                                                                                              Entropy (8bit):6.695978421209108
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:97F5D0CAAA1988C95BF38385D2CF260E
                                                                                                                              SHA1:255099F6E976837A0C3EB43A57599789A6330E85
                                                                                                                              SHA-256:73EE549578DED906711189EDCEF0EEDBC9DB7CCBD30CF7776BD1F7DD9E034339
                                                                                                                              SHA-512:AD099C25868C12246ED3D4EE54CEF4DF49D5276A5696CA72EFA64869367E262A57C8FF1FB947AD2F70CAEF1D618849DBAB2EC6161C25758D9F96733A7534B18F
                                                                                                                              Malicious:false
                                                                                                                              Antivirus:
                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.....................r.............../......./b............../......Rich............................PE..d....>_e.........."....%.N...(...... ..........@..........................................`.................................................\u..(.......8.......P....x.. O...........l...............................................`.. ............................text...)L.......N.................. ..`.rdata.......`.......R..............@..@.data...............................@....pdata..P............l..............@..@.rsrc...8............r..............@..B........................................................................................................................................................................................................................................................................................................................

                                                                                                                              C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\icarus_rvrt.exe.lzma

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exe
                                                                                                                              File Type:LZMA compressed data, non-streamed, size 50976
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):26032
                                                                                                                              Entropy (8bit):7.993020359748391
                                                                                                                              Encrypted:true
                                                                                                                              SSDEEP:
                                                                                                                              MD5:84B41B6779CD161AA144FCB14B5DB7AE
                                                                                                                              SHA1:374A045376685DD0E662C8A52DA1B117E719B4F8
                                                                                                                              SHA-256:57B66C4F8F7DD6B808EACE56846ECCEA4B8CC09568B7DBABC0E59ADD50D739C9
                                                                                                                              SHA-512:9D501EBB4335ECE860F1806EDFF4C85652962B8B01534C8FAD3904E56AB8058135D7835BDA170CE2D65C392EF39350FF7C0CBDEBC336E3B68136992E634B6B80
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:]..@. ........&..p.........../D.|...G'_..z.-~A..\..*~kHy54......<.....=......6......! o..- 6Y../.e+.Y.1~...~y. .....}..N..H.)G'P0..K..*..?.."...c.|..p.z.m!*..D...P.X..@~..E.B.T....5.7o..Y[C.......1.f..]?.........*......W....z.V.b}.H....h0......>./...w.K..}.o..Tm....V|.2.,f.U.......C@.]..e_.&....3....5NC.:.Tm..A3...:.q'Pj2}.m...1k.s.T....O. .....sq.&PaB...=.F.f.F]..;..'...W....{i8......Ki.u.i..2#..*....L.........F......~..x.W..@.J..X..*.'....0t.g.B....b....Z...@~<...8QZLR..2>_.X....=q...%..r*....oP......B.*&..wjV.........`..-..K.=.&r....*....Mi...q..{!..P.aF........-)D.9...r.iE..3..Q.....}.'....o.VL.3.].fW...,......R....<.P.l./.>.%3...{K>...=0..m.B.....f.=...E.^3...."n{.kw..-./-.,..D.d0..$*...rq$...=...g...._n~...H.....p.I..e..U..(._.5.W..y.7.r.^......?|h..\;$.IW....E..N..$.....>..:..."....v.`Jya.MF.\.>.N...\.....I.m.*e.+.Ut....._...xo.[$.M.Q..V_..X.~.XO..'M;.*.(.@....X.d.{..g...0Lx.C....*......`w.o].....O5.'..Y..........y:}..w.....$.b.{....b..IJ..

                                                                                                                              C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\product-def.xml

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exe
                                                                                                                              File Type:XML 1.0 document, ASCII text
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):61265
                                                                                                                              Entropy (8bit):5.190019331143701
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:E2DCDAD2733F2D86CAB54BB5F6AB85FB
                                                                                                                              SHA1:25D619610ECB425F80C9558B86AEB40032F60785
                                                                                                                              SHA-256:F8F7246E16C6599F06BE6C7BA6F47A6B4201D21180C10EB51952E22F9F35D684
                                                                                                                              SHA-512:19B14D73717522D68EF5E4DCF784AB9C8F1BEB230467704BA8D0E2C6CF2DDBBC128A861E228F3BBCB34D4DFA78214F81F87E2B2E0D08DBB97870B3DB07442B8F
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:<?xml version="1.0" ?>.<product name="avast-av-vps">..<product-defs>...<config>....<install-folder name="AvVps"/>....<full-name name="Avast Antivirus Vps"/>...</config>..</product-defs>..<group-defs>...<group name="base" mandatory-selected="true">....<action-list op="install">.....<delete-pending-files/>.....<commit-extracted-files>......<important>true</important>.....</commit-extracted-files>.....<expand-vps-version order-base="commit-extracted-files" order="+1">......<important>true</important>.....</expand-vps-version>.....<copy-path order-base="set-property" order="-2">......<post-condition>.......<directory path="%PRODUCT_INST[avast-av]%" exists="true"/>......</post-condition>......<src>%PRODUCT_INST%\*</src>......<dest>%PRODUCT_INST[avast-av]%\defs\%VPS_VERSION%</dest>......<ignore-same-files>true</ignore-same-files>......<move-type>Immediately</move-type>.....</copy-path>.....<copy-path order-base="set-property" order="-2">......<post-condition>.......<directory path="%PRODUCT_

                                                                                                                              C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\product-def.xml.lzma

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exe
                                                                                                                              File Type:LZMA compressed data, non-streamed, size 61265
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):13411
                                                                                                                              Entropy (8bit):7.9863458799496385
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:948B6687F49F32A35E1E1E126BC6904E
                                                                                                                              SHA1:7252E1F8A5152416497F8B217F6BE3602672253D
                                                                                                                              SHA-256:B20B9C608A6D1DCD52FA47456551271F087CFEBE31961EBA2A8CF256AC4A2AFA
                                                                                                                              SHA-512:FB6EA4CA80254B07C0629D7CC872B5EACD433BA46F9E4712CA8EE2F47CF1957873EBFE577E48BF6DFA25DBA191D4A2BAAEED3C4424E2C7B3F2E0FDE44A15F533
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:]..@.Q..............f......{3....&.7d..>$....`K...H......O..`...=.K>...h....+N.......r"iLF.&.....?6{.nq#....7...z. SKs<m....J1Y|._...D.......x../.|....'.....W4.PC.d..<..k=..-C...W..].dG53..6)fEj.. `.v....#..Jw......>.4.y........{z.u.1Qn..(.5.,V0.........'2.y.I.P.,Y...`.e!3.. 7...z...e}Df...2.} ..E1!..^b.....<.....TP...dS..za`......c.ED.7..js.....ok....\.....`..e.%V..d...(..z...B...7M`.cC.+..u..<!...5.......O..Ej...i.!.x.Z.8tG...>.$bu.+.~}.....>..4...'.Zme.....S..c.?'........G..M...Qi^.J.<...7%.7,.#..i#.~.]....F*j.......w+..Lm.#.C...N.|..4.j...,.4.......6W/....xo.ck...@.tu[..^.h...+...7._..N.~L..C..>.Ay6..a.`.g ..3.1..m5..x[wMm:......o..G..K.\%..U..6....h.>.].~.(..Vc..{p...=e.....>.....%._.3Y........i%H.O..0.>.H...|.....i.f.o..c........D}=.I._[@.....V-c..n..g6Bz.7..4}.....O.=F.S..m:n.A.'`=..?.`.%.....n...j.b...pH>....f..`~}8f.......JYC..X.I.C.Z...kV<...y'..U.~.]v@.!..W.&.....~...............RJI0.......LN.ND.dh..a-g;...H./.T...J...-^}

                                                                                                                              C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av-vps\product-info.xml

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exe
                                                                                                                              File Type:XML 1.0 document, ASCII text
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):5933
                                                                                                                              Entropy (8bit):5.108448973930459
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:420B055B31228CF82AFB1F2427755109
                                                                                                                              SHA1:A49195DB9235018981A4B4FB15D23D9F1C109303
                                                                                                                              SHA-256:72BC6B13AE33BA7D3038964F2A9EBA3009C9E19FC0CF6A826642EA3C1CE742DD
                                                                                                                              SHA-512:C7A1DE58BB3634E4F549C56556757521BF49A17AAE5EDB705BE7F9BDD73ABD4C8C4710B034D057F0F7490E1C18AF0DD333DCDAC19F610959508451E8E292D2DB
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:<?xml version="1.0" ?>.<product-info xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="product-info.xsd">..<name>avast-av-vps</name>..<version>24.10.1402.7936</version>..<build-time>1728898957</build-time>..<inner-version>24101402</inner-version>..<setup-files>...<file>....<conditions>.....<os platform="x86"/>....</conditions>....<name>icarus.exe</name>....<src-id>69c9de9f0cc9cc846d44e8b9a42de17d93f4cde9ffcf7a10d1dff69c4cef0c1f</src-id>....<sha-256>4a80c6b3248e0239974348340c8c218e6fdd6835a54fc6a05c5b51866bcb8a28</sha-256>....<timestamp>1728898804</timestamp>....<size>7279400</size>...</file>...<file>....<conditions>.....<os platform="x64"/>....</conditions>....<name>icarus.exe</name>....<src-id>cfab5808bd7503ee1aff23b54d5a98a557524fa453762afa10b90e4b7ca6af95</src-id>....<sha-256>54ba3e89bc201930a35d3ec76ac2cb6caca1a3bf113f4684057a45caf47fc29c</sha-256>....<timestamp>1728898804</timestamp>....<size>8199464</size>...</file>...<file>....<conditions>.....

                                                                                                                              C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\aswOfferTool.exe

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exe
                                                                                                                              File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):2459944
                                                                                                                              Entropy (8bit):6.784897990692834
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:AC4F93B972F94F6618A43E8A9ED28D9A
                                                                                                                              SHA1:5CAC327ADB007A79DB028CB53C2A6DCECFC0D313
                                                                                                                              SHA-256:223B1F02C018270BE6B390EA5029D10FA4238D105E0C1137FCBAC80A8369B47C
                                                                                                                              SHA-512:5E8601AC750BB8ADC13B57C239EAF37B683D51928C2F76B3C4961FE2FC1831D9785E9B5E5E4189BF47B8021A5291B668B3CC3690D91D4EA3EC4117283BCD350A
                                                                                                                              Malicious:false
                                                                                                                              Antivirus:
                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...................................@...........!..L.!This program cannot be run in DOS mode....$..........C.}y..}y..}y.e.z..}y.e.|.x}y......}y...}..}y...|..}y...z..}y.e.}..}y......}y...}..}y.|.}.+}y..}y..}y.,.}..}y.e.x..}y..}x.p|y...p..}y...y..}y......}y..}...}y...{..}y.Rich.}y.................PE..L...t..f...............&.h........................@...........................%.....p.&...@.........................@.......(........P..............H^%..*....$.,...8...............................x...@............................................text...Jg.......h.................. ..`.rdata...S.......T...l..............@..@.data....m.......H..................@....rsrc........P......................@..@.reloc..,.....$.......$.............@..B........................................................................................................................................................................................................................................

                                                                                                                              C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\aswOfferTool.exe.lzma

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exe
                                                                                                                              File Type:LZMA compressed data, non-streamed, size 2459944
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):929345
                                                                                                                              Entropy (8bit):7.999810520893155
                                                                                                                              Encrypted:true
                                                                                                                              SSDEEP:
                                                                                                                              MD5:1DA6819DFA902480C101CA2A773DC5B1
                                                                                                                              SHA1:1E52EFFF476527C1A87DA0CC273DD83C91FE6396
                                                                                                                              SHA-256:0D49C20F18BEB2F694B0F419A0E53990DD31E57085CBFAE48F487E5F5AE13A0F
                                                                                                                              SHA-512:821622C71A3D03AA2B7B912C892FA0F1170DD2321F783C27A47E9FF560CDA6C748E5808451B88AF30938BF977DC961B614E9596B85005943EAFFAECA56D250E2
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:]..@.(.%......&..p.........../D.|..b..6>..p.}#......G...)p{` ..i=`...k.<....G..7.p..C..K.N.........l.....i.'.]....2...z.#8,[.....+.....vLN.i....y..o.O..?........z7......w}....WJ).M..B/..8Q...\7....E+.D.2.\>...7R.{..~..}..o_..T..sUCo@yp...5Md1...\).....jN.)?A....r..H>............-7@...ke..:.<......m......)...!I...a9.);*.2`]7qY......Nm.../.!..$ ....(..FnI0.cJ..'.t..........).:..^*gY.;...*y-j.*....4...^-..Kj..E:Li...]A.c...j*.Q^.b.u.!.\..@..Z@......n.8..d5...'...W....09R9?*.s...'. t:.'f.<.U6..?si.:n...A.0.....l.l.z.2.........N.0+6,..ik...?>.....e"....E.^..F.6x.?....,8.....".#|....o.\...HE.:..BF......z}..../.....`.N.6..:.2.]k..a.......F....iS.0.o<..v.t+...ap......,..?.....L.]..1..[.#ea.8%JO..........X.....;...|VZ.Z.....rR{+...?.......f.g....A...mA...q...o...l..H>X.......~.e.........4.k..U.U.%......y...^qu.f...L..x. w...h. [&.1......:e.O..^.{...S.....N.+.$..]...9bt...R...b..P..\v...4#L.Q.X...O.#$.nt..-.%./.2W%.... a0.T.........K^

                                                                                                                              C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\config.def

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exe
                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):807
                                                                                                                              Entropy (8bit):5.441367022979148
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:B879D04847CF63B00EEFB88B4859C223
                                                                                                                              SHA1:24D959484BB2E94164AA026A0E8D4F8F05E8AE18
                                                                                                                              SHA-256:703B5797BA8CE628BD482C6BE12963B4F585E3583F89CA9D87A2279E9E81E21A
                                                                                                                              SHA-512:1AC00499534A3F60D4187B67D9EB8C65F9287354F3DC1D77E6606A932D4F48E1BE72809D9ECBB6C3AAE8EFC060C8640D0A6EF4862D159E09000C0DA3E30F9036
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:[One]..A1ProductLicCheck_AV=a1..[BlockingApps.avast-av]..GenChecks=a1..GenProductID=avast-av..[ui.offer.actions]..url=https://ipm.avcdn.net/..[ui.offer.welcome]..loadtimer=10000..url=https://ipm.avcdn.net/..[reporting]..disable_checkforupdates=1..report_action_ids=RID_001,RID_002..[common]..config-def-url=https://shepherd.avcdn.net/..report-url=https://analytics.avcdn.net/v4/receive/json/25..[ui]..enable_survey=1..[updating]..conceal_hours=1..fraction=100.0..updatable=1..[offer.browser.asb]..decision_type=1..download_url=https://cdn-av-download.avastbrowser.com/avast_secure_browser_setup.exe..enable=1..priority=1..ui.offer=welcome..[Signature]..Signature=ASWSig2A420DC8CA0282FF9AC4511587D78E9C605120A9A5A87FAE2A9698276B3E7C1390454638B74F4DDFB761F53064C13A308B21299CC15F75BDBA4A7B9E2EF822112EASWSig2A

                                                                                                                              C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\config.def.edat

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exe
                                                                                                                              File Type:Generic INItialization configuration [BreachGuard]
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):33359
                                                                                                                              Entropy (8bit):5.877370049658139
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:C011AA010CFD918407D0EBE2AD5FB23A
                                                                                                                              SHA1:255F3AA2CD0E591153F1F219C82A714AA8844F29
                                                                                                                              SHA-256:DACF8CAACCE7EFDDF4911077A43D5DC8B33AA5C042BAE011371FFAAB3B39691C
                                                                                                                              SHA-512:72E7FA88570C8481C0C68306AF3A7581C9DD3DAFB13302AA5F663FF0A0E2715468775EEDFDAF1B1B55C0B751FFF4C058696517DCDAFBFD0D90509220CB965A56
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:[RemoteAccessShield.Setting]..BruteForceMaxAttemptsPerDay=60..BruteForceMaxAttemptsPerHour=40..BruteForceMaxAttemptsPerMinute=30..BruteForceMaxAttemptsPerTenSeconds=12..[BreachGuard]..Enabled=0..[Settings.UserInterface]..ShellExtensionFileName=0..streaming=0..[WebmailSignature]..GmailEnabled=1..MaxRequestSize=16384..OutlookEnabled=1..YahooEnabled=1..[WebShield.NXRedirect]..Redirect=0..[Features.SwupOpswat]..Licensed=1..[Offers.GoogleChrome]..DefaultState=0..ShowInComplete=0..ShowInIntro=0..ShowInPaidBusiness=0..ShowInPaidConsumer=0..ShowInPost=1..UseTryOffer=0..[Offers.SecureBrowser]..ShowInIntro=1..[SecureBrowser]..UupdateInstall=0..[Symternals]..SubmitGeneration=2022-03-02..UnseenExesSubmit=2..[FileSystemShield.FileSystem]..EngineLdrModuleFlags=24..[PerfReporting]..AvastProcessesWprCaptureInterval=0..[Components]..ais_cmp_bpc=0..ais_cmp_fw=2..ais_cmp_sfzone=0..ais_shl_spm=3..[GrimeFighter]..info2_licensed_period=3600..info2_unlicensed_period=3600..LicensedClean=1..UseGF1License=1..[S

                                                                                                                              C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\edition.edat

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exe
                                                                                                                              File Type:very short file (no magic)
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):1
                                                                                                                              Entropy (8bit):0.0
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:C4CA4238A0B923820DCC509A6F75849B
                                                                                                                              SHA1:356A192B7913B04C54574D18C28D46E6395428AB
                                                                                                                              SHA-256:6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B
                                                                                                                              SHA-512:4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:1

                                                                                                                              C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus_product.dll

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exe
                                                                                                                              File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):6277928
                                                                                                                              Entropy (8bit):6.488085622571711
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:C3EFF78AD7C8F25048E0781AAC3FF626
                                                                                                                              SHA1:39E7BF027D4DAB50EDA26814A7EC3F6A25570677
                                                                                                                              SHA-256:2340C9D8927C61FF0B591F178889B153691F4198760E49D27F5CFF7826AD5A19
                                                                                                                              SHA-512:06EBBABC8EFD4B35BE842E15F56DC3014736E89C2A61AFD554A1412E78802743C56981E6B359EE6D24BAE4ABC5D39C58867D9F4B521B822C154F913B6BDC06C4
                                                                                                                              Malicious:false
                                                                                                                              Antivirus:
                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...................................x...........!..L.!This program cannot be run in DOS mode....$...........].~.].~.].~...}.S.~...{...~.[!..Q.~.[!z.O.~.[!{./.~.[!}.K.~.T..._.~...z.A.~...z..~...{.Y.~...x.\.~...{.v.~...z.^.~...}._.~...z.U.~.....p.~.].....~...z.\.~...{.F.~.].~.S.~...z.x.~.7!w...~.7!~.\.~.7!..\.~.]...\.~.7!|.\.~.Rich].~.................PE..d......f.........." ...&..>..n!......=$.......................................`.....d.`...`A..........................................S.....|.S.h....._.......].....H._..*....`.......J.......................J.(...`.J.@.............>..............................text.....>.......>................. ..`.rdata........>.......>.............@..@.data...h6....S.......S.............@....pdata........]......2\.............@..@.sdata........_.......^.............@..._RDATA........_......._.............@..@.rsrc........._......._.............@..@.reloc........`......._.............@..B........................................

                                                                                                                              C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\icarus_product.dll.lzma

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exe
                                                                                                                              File Type:LZMA compressed data, non-streamed, size 6277928
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):1774770
                                                                                                                              Entropy (8bit):7.999902033122587
                                                                                                                              Encrypted:true
                                                                                                                              SSDEEP:
                                                                                                                              MD5:DBF78B1EABB885465496F975769403E1
                                                                                                                              SHA1:8452C8F1600DADF345DB719C6BD61EDC997AE35E
                                                                                                                              SHA-256:088ADA7A6EBE73612C86FC394308F297F9EA96938B5FA2DA6E3AC736CD39AD7D
                                                                                                                              SHA-512:4BB15ED2DD2B001FAADDFDF72A4958EB8B124DCB73AFBD15B53266F2B454A05250C4CF377FEE755616AA76C46E506FF9042B478612DCD2CB5F67F695C3A09374
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:]..@.(._......&..p.........../D.|....e.I0..y.]n.u......i...7.....B]......F2$1..../e.Y.....f}K..?.1J2a_.O.....A..*...T.[.k......}.M.-..'V.......;.G...t>.DX#.u....:[..3"......7,.KrY..ZNX{c.Z...3..-...'.u.-..s....T.^.....0....]...K...P.0.....w......5...P....k...S.IK...Z%lcI......Z......^q.2.7.x.h..>J6.`...z..M4G..6..q..4.../gn.cJFt1......]....KY...$..(.lE9E....4....0_..}...`.R7....&..e]s.F......3....%.$.9p........P.xY...8.w..X.&....A.0.vM.s.a.i.2...o*.o..Bt8..k.8h.f.u4l..t..Z....)6ie?.1...Cj....*.YK.5O..q..;te.........&o..(o.B*.rTH.9..D.:.)0G...F.E..#../.K..`....@.t'..j..4.......Q.....I/..o$...[0...Qh....a.^9SC.@..n..&...h...g}....H.)c..(R&i].R..1...8.Y7...?.G^..M9M@....(.8.f...Y..+..4J...+`.........\.h.....?.8.Z &"...7s*D...T..;..^..vD.2.....EJg!.#...v..@...[l3...F.9 #Wa.....e.#....>W@.3........]&..q.6..D.~....19...H..!.H......q..=...t..e.a../l..^.*.-...o.B}....s._(.....w..|._..&b".l.....8..W.&.0m\>Mw.[.f.......H..

                                                                                                                              C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\avast-av\setupui.cont (copy)

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exe
                                                                                                                              File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):0
                                                                                                                              Entropy (8bit):0.0
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:DB585D1E263964856A59D68EC5EEAF07
                                                                                                                              SHA1:CA3FA2AC67AE160A80056993CFB43AEE12411B5A
                                                                                                                              SHA-256:567ECA1EDA79594460AEEEEED9AD84BD37E83852CE26BF9EED992D286C7EFE78
                                                                                                                              SHA-512:955B9712709D324AAF5DDBCC5D3A0A84A3616C36669DF13A4002DF56E423E7C3B158E9B88347CAB7F3E381B49593BAD20057EF3E5942C5A12524D34B458A1119
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...................................`...........!..L.!This program cannot be run in DOS mode....$.......0...ti..ti..ti.....i..r...xi..r...gi..r...fi..r....i.....di.....Ri......vi......|i..}.u.vi.."...ni......i.....wi..ti..yi.."...pi.....ui.....Qi..ti...k......~k......ui......ui..tiq.vi......ui..Richti..................PE..d...L..f.........."....&.&W..H&.......0........@..............................}......%}...`...........................................n.......n.......|.......x..g..H.|..*...0}....(*d......................,d.(...`a[.@............@W.....@.n......................text....$W......&W................. ..`.rdata..:....@W......*W.............@..@.data...`....0o.......o.............@....pdata...g....x..h....x.............@..@.didat..p....`|.......{.............@..._RDATA.......p|.......{.............@..@.rsrc.........|.......{.............@..@.reloc......0}......&|.............@..B................................................................

                                                                                                                              C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\1e423c17-9983-427c-9fe5-1f9125e416d1

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exe
                                                                                                                              File Type:LZMA compressed data, non-streamed, size 1403321
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):160586
                                                                                                                              Entropy (8bit):7.998923985679564
                                                                                                                              Encrypted:true
                                                                                                                              SSDEEP:
                                                                                                                              MD5:7612800D3AA320D1AFADF7B3196B5209
                                                                                                                              SHA1:D091AFA3A04F72D6F3995A657C8499B86683A432
                                                                                                                              SHA-256:B1E4D9DE6B7FE80C39BE8D39E3AF94A9C22F7199D7AC4EB83BB78F6C78983B79
                                                                                                                              SHA-512:9239829704087C3BD0CDF5E64E6F2A1A177499B73706A2FFA2098BD7199516A3A7484513F4496647CB3894DC5E8BF47DA129D4C317FF994DD2B3B86D04AA844D
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:]..@..i.............f......{3....&.7d..>$....`K...H......6.../....n..^h.|)...w9H.]..$.{.......l`7#.!.x......c:Y...g..?."6..%=.Ais...........m....7...t.[O.;.....K..@..........^..$P...W.El..n....*_...\!...M.3r.H...~..Qj+C.....I.|...`p....0,.0t=...Z...k....(..W..,..LO.L.....#T....s.._Z.M;o.K....#7L.E....5a.a....V...b.;#8.jE...3...x....c....$..,.ex......../z.o......a..*Y.%..:...L....$..k.N....F\.Z..1Da..)...#..Z.V*..Kn..pf....$.K.....*I.D1.....S.1.y......V*.C.Q.O.r67G.{Z.........o.0....+...y_....&..B..ah9..U...0Kx..@..@..B.. .r.......O...P..?sG<..,....}Z....x...r.%..-..D..F.9sGog%^k.Q.....Bq..|..`.2.?T.^.}.rX?.\?..^w.....1iV..uR...!..}Q.n.......>1.#.HvV....7.W.U.......C.......A.......<@.a`N.S88|._.%9}n_...s.k.A.2........=...a[.~.=....MW...*"T..]..]...?.{.L..."....f....H.6...pW.k...T..!....O..l.N...4..#y...T8..Z.e.H..@.}..Op.X..I.........F...a...'!..-)ms...TB?..A...tv.Qo.?..t....../..G..0.u.A.+.A.%.W.,!_.....*......eh.D..E...Z.....Wm...j/5.

                                                                                                                              C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\638abb07-4301-4965-925d-0df97249d3d9

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exe
                                                                                                                              File Type:LZMA compressed data, non-streamed, size 15656
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):9866
                                                                                                                              Entropy (8bit):7.977375179187746
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:6EB30A430545FEF77FE1F3F6901C6908
                                                                                                                              SHA1:3149AE4CFB1FCA5CE8FD8D881B0C49F4C3DA723A
                                                                                                                              SHA-256:810A64249C837BDD6A316494F3F97D51393775CB7FDB8075C79684A307AAC824
                                                                                                                              SHA-512:EB9105F0AF1DC5157D551002FA594E41FD04632418C5B82213EC7B3D50AC6F83160622A27734DC82C7628656CEF24FBC057D75C807AB4F6FBB8EEF38CD19A1AF
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:]..@.(=.......&..p.........../D.|.........{...cl..KN......TS;...p....."...gW.....~...~....oF~;....L.c.Jc..k_....P....u*....E.~.Y.......0....\..D...1G.F...v.M.u..$2.;.........td...n.\R.b..l..../......|...'.F..Ed..+.<...S....Kg.>m...u..r......5&..\4...........E7+.rh..{....>...qOu+.....c.7....b.=.#G.8..9..L.Y.q...<.D....6.J,.!..*.l..-..1L......V...87......Yc......._4....M.9.+Y..V...>%...'...1...0z....&j..~.DAV.(.....R..#A..'..4\T.xU..r.}...b^Y..<..iBl..gY+...*.;...7.9....|.f"..." .N.Pgb.$Hd.:....O.>..8OM..ad...6@.....b...Gk.."..$ZX..=...|..R....zoEi.R*....yF.'...hwT.#..uM?.z..c.C..P.[-..V*.../.e.p...xo......,+.5.....4@......Z...U!.hh._.w;A4A.._Z&-h.Oy/[.HY.v..........7......5.o8..?...>....5.W.8..l2..u.wncQ-.~.'..%y..)/I.....-...<..t.,E.Y..c"*..PF..|..N/T7... .M.n.X-4....%...i.q.s.8.[[>...../..qe1..k......p...`NQ...u.1..(t.......!.m.D.\..q...94H.@.4..:..Jb .4....F.!......:......L.i.....u.y..-m@u..;s.&..|..7..J..^/..M..`TA.(5...K..A.e.....~~

                                                                                                                              C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\961d170a-b84d-4d5c-9780-69b9f9d9d27f

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exe
                                                                                                                              File Type:LZMA compressed data, non-streamed, size 5857576
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):1816341
                                                                                                                              Entropy (8bit):7.999903068496067
                                                                                                                              Encrypted:true
                                                                                                                              SSDEEP:
                                                                                                                              MD5:A6104DBA3610553461950CB0794110A3
                                                                                                                              SHA1:98F579FC8873D1F138FC5D6E706F341E8E79351E
                                                                                                                              SHA-256:3E42382C3DC8F65FA68E229353CB0C1CB2EE90F99118B9CB670B579D163203E5
                                                                                                                              SHA-512:63ECA8A67FD59ED2E06C345C6D0999482A7FEA904D36FCB95A804C9B59D1F7B05A72918F1C3112643BE984411187DA827BB7FA8723A96F19664386A4BE28DE27
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:]..@.(aY......&..p.........../D.|......e.F<w.,...vY.Ta.....NE..1E...V..Z..m9..^../:Y!....y....eg..6...'...7.*.v|}y.l..b)(.q.p..lY.`>..q.b?{.8.......8p.R=.x.a.....H..8.R...~..2qjM.8...e..J...+9N..............v......%..;~...e..y....T.BI.......?..b*.H.;M.<'$..*.....W_.....|.8.....R.@.Q.:...CbQwf.........|...h&.7..'pT.>......<.....-+..?.S......rX...U..MEYOw.#.Xb......$t.].N...o g...V.?.....x<..dh..V.....r......q..1...*..y.=...<...w@.a.w..3..B.f...J..p....VM.d.?.eO..M....#.H2...F-.\...W"..w<....L....LQ.c.....j.x/.......).2...~,.. E`..U.S(..8..j..H....,{...ax....M.HW.<...........x..Q...U..h......_..qnc..q&.s..i..5R....X......*.."ua2....{......[.bg...R.O.....QI.*.T..]{kr.I./Fl!H.8$.h.t.N].......SwX,.G..d.|=.W.V..N%..V.y6.I....L%.xl..[8.h.w......d..a.k.>^C.i.......`N]#....0'...LtM....(D.h.M.nM..>{..v|.K%W.P...=.b.9....}p4M9.`,^.P@...z.@.. .........D/w......8<p...,.BX... ....{.v..*Lu.y..%..........~...y.y.W....-JS...m{_....q9...9.Q..3.1&E......N.

                                                                                                                              C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\b2290f93-5427-40f1-a2fe-46330ed754e9

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exe
                                                                                                                              File Type:LZMA compressed data, non-streamed, size 3479336
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):970253
                                                                                                                              Entropy (8bit):7.999794001282954
                                                                                                                              Encrypted:true
                                                                                                                              SSDEEP:
                                                                                                                              MD5:4337A1DA21A93CDA1185E4D0647715EA
                                                                                                                              SHA1:43F0E1A9A7988AC742779E51A28E67B98AA3EE5B
                                                                                                                              SHA-256:FDC491D80A94F6C314CCB6A4534E0A30D1CD925728585E7A436D1276F27EA6EF
                                                                                                                              SHA-512:CDBD243A4D912F92725E82CDF07850A78E9CEE76D6FC5F4AA1607E79B55D7910EE1762F56A49551160A4EC648AF6CC459D8A87C1012ABB7CBDB381AAC4262517
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:]..@.(.5......&..p.........../D.|..b..6>..p.}#......G...)p{` ..i=`...k.<....G..7.p..C..K.N.......j..u-.r...........u.t..h.........x..B.......<.B..y...A..F.=.i.R.W..3gK.6.X........3...YM.?.k.W.H...\<.$..g.9r+..j.8...b.L..wM...y.R!u...e.B..%...v.?YX...o...".U.l~c...;..4.....}..0..u...-...[.L...,Fs....y....K..}.@@.5v......r.M.D....].X..3`.....#h..w.ktj...f..&f....x#9..D.H.pi......".wJ....>.m...m..5..<.\....hn..4. ;....1........P-...b.....#..(...o.....aq.n1..u3..v.jI.z.D...KA..|..i.@..Y.J.~YmRV..d...`i.J...?..p.'..k..1.U...R.'..f.......D,.\.K._n.>.R..m.....t ~.q..t>mH.e7%.UcLm..VY.0N.=l.C.^6.E.OcI.=t..bXC8....QB......}....~......s.x....Q.a.*b!S..,...Tq...].,k.N.....\.R..gIvlP...&.......G;....@|dM.Do#..d.O[....)....B.......$./8E.#....4.+U7..$.....5...J...zj"..ZlE.).C.k..(..#NI........Hq'.\z....J...!.p.p...t:x..<$.F.f.o_...1...W...&.V...SUH .N.D......g.dF.[...0...;{...\J.+_.....(...~j0t...v`.U.).../.,.89.;..}uC^....Z...p.].5....W1..t

                                                                                                                              C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\bug_report.exe

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exe
                                                                                                                              File Type:PE32+ executable (console) x86-64, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):5857576
                                                                                                                              Entropy (8bit):6.5128229842608345
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:EFE923E7228657B3DAF92F0CA06ED265
                                                                                                                              SHA1:65490C26E42515070F97946163E0D1688B15BAB7
                                                                                                                              SHA-256:34C6DBE4DCE83C2636E8CD16AAE2735391BFF6674C3AA5B3A977310213308D39
                                                                                                                              SHA-512:C72E3B2369F63503A28C4B0A07019124948BDCB25C1573E4ED0CEFA212AE53D340DD912E11E85F7A2A5D1B029689B94D837638E2606DA3014B5FDD8E8F02CCB9
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...................................P...........!..L.!This program cannot be run in DOS mode....$...................X......X...U.......................................A.......I...................A......X......X............................}.................Rich....................PE..d.....f.........."....&..<....................@.............................0Z......Y...`......................................... .N.......N.h.....Y.......V.....H6Y..*....Y..p....F.......................F.(.....F.@.............=..............................text...\.<.......<................. ..`.rdata........=.......<.............@..@.data........N.......N.............@....pdata........V.......U.............@..@_RDATA........Y.......X.............@..@.rsrc.........Y.......X.............@..@.reloc...p....Y..r....X.............@..B........................................................................................................................

                                                                                                                              C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\dump_process.exe

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exe
                                                                                                                              File Type:PE32+ executable (console) x86-64, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):3479336
                                                                                                                              Entropy (8bit):6.473568341388112
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:820C8D7E3A7CEA178CE7D2BEF2D9B40D
                                                                                                                              SHA1:E04E7F0D8170DEF61E2BDE0C29D51C1E0AE0A39C
                                                                                                                              SHA-256:D23D959A991C90537E6F102D448894817B55416D9C84CF18642D1CEE5A8C2F00
                                                                                                                              SHA-512:BA73F293B45F1932E99CA08F36DA21611672194B1DA524BA223AC52EDDB236C37EABAB7A30E5E12628C969DD83B9DCE5E60FB14A7EAC0EC9EDF59AB34207073B
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...................................@...........!..L.!This program cannot be run in DOS mode....$...........Ij..Ij..Ij.....Bj......j.....Uj..O.c.Jj..O..[j..O..]j..O..=j..@...Kj.....Hj..Ij..Nj......Jj.....Pj.....@j..Ij..k..#..j..#..Hj..#.a.Hj..Ij..Kj..#..Hj..RichIj..................PE..d.....f.........."....&.T ....................@..............................5.....c.5...`...........................................+.....d.+.......4.......2.....H.4..*...`5.8V....&.......................&.(...p.".@............p .p.....+.@....................text....S ......T ................. ..`.rdata..>....p ......X .............@..@.data...p.... ,..4....,.............@....pdata........2......62.............@..@.didat..P....p4.......3.............@..._RDATA........4.......3.............@..@.rsrc.........4.......3.............@..@.reloc..8V...`5..X....4.............@..B................................................................................................

                                                                                                                              C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\fe79755f-c2e0-4801-9e51-dea6a39aa2cf

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exe
                                                                                                                              File Type:LZMA compressed data, non-streamed, size 537332
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):544796
                                                                                                                              Entropy (8bit):7.999638885902401
                                                                                                                              Encrypted:true
                                                                                                                              SSDEEP:
                                                                                                                              MD5:92A6D844440F239048D520FA8332CB3C
                                                                                                                              SHA1:D2ECAEAA96F8D936E2EA521896C2B4D3A483777D
                                                                                                                              SHA-256:47F744F5AC95D1F0C1706690AD766B29FAFE4956ED1D13C7B1F5DF4B49AECEF0
                                                                                                                              SHA-512:FAC6C8361118335BC45B7340DEBCAE805797AB8590F93938068A84201DC26167D5E57A7E21A6677F6FF04B8E374A56238909B21CB4CD93D190C6F2F3F7BB02D9
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:]..@..2.......~..E..8... .rZ.~1...r.....u]d..,3a.......:..je...m......m_._...b..F{.....N2..x..A.DH..Hm...U..Tu7.3s.....Q.*......I....?.\%{=B=?...R6....l..2.......r..Q.x..-{.v.....A...C.._..b.O9..gU.....#.P...G..c...R........8...#....>.qv...Q.M%...a.&._..K.R%g..=Z).e.1..'|Fe.....n.]...._....%a.|...D.........!9/......G...3?1.7.XG.....y..au..fQ;.+.,..7...).h.m....W@...1..J'(...o...C..SB..G.%.s]a.N.e.f.'.y..Ir.|.A...5V(M*e16..N..?...?.[.......m`...S|..e...<'&.Z..D.A...D.......w3..`m.....D...Q...e^:..z,.......2..`N.X..<<.......+{.+..k3......9.. ..^.FH........`y.._..u...'vX.#.b..PN..}.j..(..W...E.....L.=y....~..@.q....5x..h...B...%.A1&...0...i....S?.p..j%]Li.y.6...!.W.7.........L...x..)t....E...Yo:m.E.TMT.w....Y...".u..o~.8.b.6fk#l....LMJ......j.3S.$....e(...........{...Cb......p../GHC.....T.N'...h6K..=|\....L-.\.....r...%..GSVY..2..V ..+.t.z&..h..{.0.\.H=.n....dl..QS..wR.t..1..K..FI.-..y~zj$.H.k.g0z......~,O.Z.aa.:..l|.jro"..Z./&Q......9

                                                                                                                              C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\fe89644a-b32e-4958-b517-abf81002cb41

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exe
                                                                                                                              File Type:LZMA compressed data, non-streamed, size 8182568
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):2434007
                                                                                                                              Entropy (8bit):7.999911142880536
                                                                                                                              Encrypted:true
                                                                                                                              SSDEEP:
                                                                                                                              MD5:0741AEFE3E70180532126FAD67132BF6
                                                                                                                              SHA1:D4DB88F090FFE147DA1A60FD46FC5ED4CC299245
                                                                                                                              SHA-256:B8C1C2F2316826871D496E2A611BF207041729F155C568810253733342D3E6E6
                                                                                                                              SHA-512:65E10068A975C465FD109DB5BAC5D27C4E7318834C80F4D95FBC39247547E58F292EE35F7CFFD39AC28431B39F35673F402B36B087501E8F0FF4FDA49DCBE710
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:]..@.(.|......&..p.........../D.|......I0..y.]n.u......i...7.....B]......F2$1..../e.Y.....f~.*8.A.#C..._c+....j........R...N%x.Bb...F.t#....Ri6...\....i.9Ow..%\&Q..l..c...t9>....E].Az...............3....j).&.$..<.8..W..2.|g.........iQ.S.=.o&9|..r.).!g...6..J..o-XC....'...5..9.._.....n{.r.8..#.!.5...4...+.KY.h....?.....wa/.}...|t.r........;*....i....R3.r.(.J.=L.*A.E....O....]1.j.F..trI.[f..|yG.p..c~..5&.ID.:.uN...Fa.7...:....2]n..F...Y...v..\.f..8..,5.:!A,......Z.`R'.Z..Z..}`P.7.4`.......k$m2..}.I....K..8..fg...k.&.@5.jx.!q).#.?......F...T@ws.~p4...*p...R..2..(qw.....b..V...Vi.8.$wb...D.}m.P..P.$.nZj[......8..I.....>.....l...v......h...Y..^..X..[.....$Ei..YC.`..I.HB..M..j.aW...%..O..\...c...Y.........=.'..g...$GvT..5.....:|d. ..#RXM..H..(8E.X....^ ....Z.b...&..*}.>A:A..r...Y.....n ...+..E.....&$k5o.....m.hf.e~......k"..U~Fl..........Z.1.CEcd.X.2.....{,2..E..Z..;m4o.C.t...?&B....VX.S......j..q.l.U.\|.)..@LRU...H:......~...N.9PBa..f".....~..4Vt...?.

                                                                                                                              C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus.exe

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exe
                                                                                                                              File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):8182568
                                                                                                                              Entropy (8bit):6.435197871751843
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:DB585D1E263964856A59D68EC5EEAF07
                                                                                                                              SHA1:CA3FA2AC67AE160A80056993CFB43AEE12411B5A
                                                                                                                              SHA-256:567ECA1EDA79594460AEEEEED9AD84BD37E83852CE26BF9EED992D286C7EFE78
                                                                                                                              SHA-512:955B9712709D324AAF5DDBCC5D3A0A84A3616C36669DF13A4002DF56E423E7C3B158E9B88347CAB7F3E381B49593BAD20057EF3E5942C5A12524D34B458A1119
                                                                                                                              Malicious:true
                                                                                                                              Antivirus:
                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...................................`...........!..L.!This program cannot be run in DOS mode....$.......0...ti..ti..ti.....i..r...xi..r...gi..r...fi..r....i.....di.....Ri......vi......|i..}.u.vi.."...ni......i.....wi..ti..yi.."...pi.....ui.....Qi..ti...k......~k......ui......ui..tiq.vi......ui..Richti..................PE..d...L..f.........."....&.&W..H&.......0........@..............................}......%}...`...........................................n.......n.......|.......x..g..H.|..*...0}....(*d......................,d.(...`a[.@............@W.....@.n......................text....$W......&W................. ..`.rdata..:....@W......*W.............@..@.data...`....0o.......o.............@....pdata...g....x..h....x.............@..@.didat..p....`|.......{.............@..._RDATA.......p|.......{.............@..@.rsrc.........|.......{.............@..@.reloc......0}......&|.............@..B................................................................

                                                                                                                              C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\icarus_mod.dll

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exe
                                                                                                                              File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):15656
                                                                                                                              Entropy (8bit):6.954988365309201
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:D845934AA70A21863BE1D43DDFBAD8E2
                                                                                                                              SHA1:F5CABF0944BD7CFE3EDFB371A0569C73C5053CC4
                                                                                                                              SHA-256:7F09D71D96F9F31E406CD0431CAA03D5A25EF58AC36AB21E5A52842B44971DBB
                                                                                                                              SHA-512:48177B22B405031DE5EA00675C88B3B41C6096CBC433BE365EDE6A0946619327643682A426CC7D9309BF30509ADB0036382062962E9C70AB9C4F5CEC51155BED
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$......................................*........Rich..................PE..L......f...........!...&..................... ...............................P............@E........................ !..\....#..<....0..............H....*...@..(.... ............................................... .. ............................text...U........................... ..`.rdata....... ......................@..@.rsrc........0......................@..@.reloc..(....@......................@..B........................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                              C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\product-def.xml

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exe
                                                                                                                              File Type:XML 1.0 document, ASCII text
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):1403321
                                                                                                                              Entropy (8bit):5.388018934962214
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:5EFE2E81D99FF0EA726C5C909CBE5829
                                                                                                                              SHA1:B0F669704BD270BE83B9A67B6996942093022621
                                                                                                                              SHA-256:283CD1A04B37D482966CEC4992A03E305EE395DF43E81366F78157811F697A66
                                                                                                                              SHA-512:DD4D8C6A4F59D71A524464B879C39429ED00681131F56FE73443B77A105BF3F318528E7C37BFFBF65970F63EB299721854529953AD9A58D989320E6758EBF314
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:<?xml version="1.0" ?>.<product name="avast-av">..<product-defs>...<config>....<install-folder name="Avast"/>....<program-data-folder name="Avast"/>....<registry-key name="Avast"/>....<full-name name="Avast Antivirus"/>....<languages>.....<lang>en-us</lang>.....<lang>ar-sa</lang>.....<lang>be-by</lang>.....<lang>bg-bg</lang>.....<lang>bn-in</lang>.....<lang>ca-es</lang>.....<lang>cs-cz</lang>.....<lang>da-dk</lang>.....<lang>de-de</lang>.....<lang>el-gr</lang>.....<lang>en-gb</lang>.....<lang>es-es</lang>.....<lang>et-ee</lang>.....<lang>fa-ir</lang>.....<lang>fi-fi</lang>.....<lang>fr-fr</lang>.....<lang>he-il</lang>.....<lang>hi-in</lang>.....<lang>hr-hr</lang>.....<lang>hu-hu</lang>.....<lang>id-id</lang>.....<lang>it-it</lang>.....<lang>ja-jp</lang>.....<lang>ko-kr</lang>.....<lang>lt-lt</lang>.....<lang>lv-lv</lang>.....<lang>ms-my</lang>.....<lang>nb-no</lang>.....<lang>nl-nl</lang>.....<lang>pl-pl</lang>.....<lang>pt-br</lang>.....<lang>pt-pt</lang>.....<lang>ro-ro</lang>.....<l

                                                                                                                              C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\product-info.xml

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exe
                                                                                                                              File Type:XML 1.0 document, ASCII text
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):11373
                                                                                                                              Entropy (8bit):5.373817973892409
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:49504472D6BE7BDD6B7D72000425C30B
                                                                                                                              SHA1:AEAE238B10CB7FCCD02EB666D5B9A98260D5587E
                                                                                                                              SHA-256:9F301C6C5261B42CB7BCF5C2B54966D69E8768E877326430E7D395A4FCD2890E
                                                                                                                              SHA-512:3E42E4E457C30650909099C971D327BBF5B15EA20B045E78F334F65C786114D82C5FC65ADC65F5133D0154D24F6225CE552520670910552B8885DE45B7986714
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:<?xml version="1.0" ?>.<product-info xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="product-info.xsd">..<name>avast-av</name>..<version>24.9.9452.2133</version>..<build-time>1726655608</build-time>..<setup-files>...<file>....<conditions>.....<os platform="x86"/>....</conditions>....<name>icarus.exe</name>....<src-id>69c9de9f0cc9cc846d44e8b9a42de17d93f4cde9ffcf7a10d1dff69c4cef0c1f</src-id>....<sha-256>66854dab52a25f1a4735aceeb8968ddb9a4d65478452f3309e98fa96d6374019</sha-256>....<timestamp>1726655539</timestamp>....<size>7268648</size>...</file>...<file>....<conditions>.....<os platform="x64"/>....</conditions>....<name>icarus.exe</name>....<src-id>cfab5808bd7503ee1aff23b54d5a98a557524fa453762afa10b90e4b7ca6af95</src-id>....<sha-256>567eca1eda79594460aeeeeed9ad84bd37e83852ce26bf9eed992d286c7efe78</sha-256>....<timestamp>1726655540</timestamp>....<size>8182568</size>...</file>...<file>....<conditions>.....<os platform="arm64"/>....</conditions>....<na

                                                                                                                              C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\common\setupui.cont

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exe
                                                                                                                              File Type:XZ compressed data, checksum CRC32
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):537332
                                                                                                                              Entropy (8bit):7.999635588100389
                                                                                                                              Encrypted:true
                                                                                                                              SSDEEP:
                                                                                                                              MD5:0929D9CBFFB3DDBB70D5707DA558FBED
                                                                                                                              SHA1:A5910C01109C51F6BAB6F8265ABB30C04A86E5B2
                                                                                                                              SHA-256:791FB6A42640A93D6A1CA5AB03194053CC8FD16FF6BA6DA5A8AD1C9708449583
                                                                                                                              SHA-512:F7584E21CBA7087749B58780B1D451C80FF8C2B3A7E3CAF4C1238F3277FE1BAF5F0C6151DA2E3E8186B0E3A495BECCA04EC0557AD49904662FCBE974D38A80F9
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:.7zXZ...i".6..!...........P.J].0...?..Lm.K%. .6.X.....L.@#........EG.6...._9!.y..+`..."(O8.._KIL..;.,m..p.K.R..&....HP.. "H.=3....8%A...36.[H.$..=l...x..+......g..".@..=.q.\bh...z..o..=EA.......).{...?.R.N.L]..Y.....%\*P;.(.nR.z......X.p...{514....l.....>#....wK...7)..V:'%.G.Y......G...1..:M.HX..j.3gO...d...2..B...g.q..?..{$.3R.kH.....zhz.....6.C.0.e.Gkc...0.....D.U.L<...u.^;`....SB.....w.4.[._-w........=..7G..G.z.......Wlj..b#.wl.#......<.Vm$..Etf..x..J..3..j(..qYe.-d#.n......?..?..AX..Z.Hw....J+.........xe.....@:..qW*L....CRx.\].s....:>....}..~.@...^....E.....#(..+..H.2.*T.....V.7.......M.y...e.....rE.......%{i.".....2...../.jh.....-... EJ...,.|`....:.....YP$..J....!l..|.K.!"y..c.....,.O.K.N.R>.A.6.X....,$.'.....@{..@.!...QN..^.[.A.I.cX....*.....2...c..`.-T.;.Y...kp$.Q.7..$.XP.3^....-..Z,eR.EX#..=...d....Ox.f...s.$\....(QTQ(x.........FD.bu?j/n.)....l.....N..Q....}.p......9y%Mq.7..N....b.Hw....}\..9..Z..8...m.F../..y...."....7b..'..|.5.@M#}}

                                                                                                                              C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\eref.edat (copy)

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exe
                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):0
                                                                                                                              Entropy (8bit):0.0
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:06112A52C5F2C27C04F4ABECC9CFA0F2
                                                                                                                              SHA1:787FF30FB75D2018EBF3D9232EBFD9134B80CB69
                                                                                                                              SHA-256:EA9DC97A05195E708728AF276DB0482436EC20F1F00A617CF43A86B025B48252
                                                                                                                              SHA-512:31B4807705A0965DB2A99731B124652EA8C8793D2AF3D0FFCB52B55612AF083A21FF1B0ABEEE84835976D91DFA556527F5619C22682A2228DD947E209634C467
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:mmm_ava_esg_000_361_m

                                                                                                                              C:\Windows\Temp\asw-88d820e5-4cef-4c18-af03-de679cc27a95\icarus-info.xml

                                                                                                                              Download File
                                                                                                                              Process:C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exe
                                                                                                                              File Type:XML 1.0 document, ASCII text
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):1885
                                                                                                                              Entropy (8bit):5.256069687794414
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:AAA83366B9D66B1108804DAF5C1C2793
                                                                                                                              SHA1:DB535375280A0B0FEE4E1AF19C1539634F4A8E3F
                                                                                                                              SHA-256:89FB3168156B15A501D65ED78F2E9A4B88CC04DE84EAEA3207F18A9009037D5F
                                                                                                                              SHA-512:F8DFA1D7C7EB2BB9FD84A73380C4A1CD2C7FFE3B9D54FBFD4B94B87D26F487B9C591AB5A2398DEEBD2640192E545F0ECB544945ECB568DE2B6FBE8951565CC75
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:<?xml version="1.0" encoding="utf-8"?>.<icarus-info xmlns:xs="http://www.w3.org/2001/XMLSchema-instance">..<file-mapping-sfx>...<handle>26c</handle>...<size>1673688</size>..</file-mapping-sfx>..<file-list>...<file>....<alias>sfx-info.xml</alias>....<sha-256>fee1dcdd7f05a28f34f431daee71756895f79cbf4facb2e763c485bf559da9de</sha-256>....<offset>1650246</offset>....<size>723</size>....<timestamp>1726732735</timestamp>....<flags>0</flags>...</file>...<file>....<alias>avast-av/edition.edat</alias>....<sha-256>6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b</sha-256>....<offset>1651048</offset>....<size>1</size>....<timestamp>1726732735</timestamp>....<flags>0</flags>...</file>...<file>....<alias>avast-av/config.def.edat</alias>....<sha-256>dacf8caacce7efddf4911077a43d5dc8b33aa5c042bae011371ffaab3b39691c</sha-256>....<offset>1651131</offset>....<size>11444</size>....<timestamp>1726732524</timestamp>....<flags>1</flags>...</file>..</file-list>..<sfx-dir>C:\Windows\Temp\asw.b41

                                                                                                                              C:\Windows\Temp\asw.b41a1a6fa5bb3a22\avast_free_antivirus_online_setup.exe

                                                                                                                              Download File
                                                                                                                              Process:C:\Users\user\Downloads\avast_free_antivirus_setup_online.exe
                                                                                                                              File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):1673688
                                                                                                                              Entropy (8bit):6.681369586241195
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:5024C02AF4C75C03320ACE28EF464EED
                                                                                                                              SHA1:06DAF909AFCA26FD8A3466654ABF7FF3AF5D4ED3
                                                                                                                              SHA-256:9998186C54F39E665F5F22A13362DBF90621442398D570579FD51D45CD73807C
                                                                                                                              SHA-512:32BFCC388ED00F8940C4F47BE42FE4C0931B816E2BDE2C22EDE67896A34CD0D8C52DFCF1B05C46AB0158803C8A9DBA77E1A1B23BE15DC35D8BB66A0CC006A5C5
                                                                                                                              Malicious:true
                                                                                                                              Antivirus:
                                                                                                                              • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:MZ......................@...................................H...........!..L.!This program cannot be run in DOS mode....$.......jZ...;.}.;.}.;.}.I.|!;.}.I.|.;.}(.:}*;.}(..|:;.}(..|4;.}(..|B;.}.I.|7;.}.U.|+;.}'CT},;.}xN.|/;.}.;.}";.}.I.|/;.}.I.|9;.}.;.}.:.}D..|.;.}D..|/;.}D.8}/;.}.;P}-;.}D..|/;.}Rich.;.}........................PE..L...-..f...............&.:..........0........P....@.................................|.....@.................................h........................^...*..........$................................]..@............P...............................text...z8.......:.................. ..`.rdata...c...P...d...>..............@..@.data...P...........................@....didat..T............J..............@....rsrc................L..............@..@.reloc...............T..............@..B........................................................................................................................................................................................

                                                                                                                              C:\Windows\Temp\asw.b41a1a6fa5bb3a22\ecoo.edat

                                                                                                                              Download File
                                                                                                                              Process:C:\Users\user\Downloads\avast_free_antivirus_setup_online.exe
                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):21
                                                                                                                              Entropy (8bit):3.1368637096073178
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:06112A52C5F2C27C04F4ABECC9CFA0F2
                                                                                                                              SHA1:787FF30FB75D2018EBF3D9232EBFD9134B80CB69
                                                                                                                              SHA-256:EA9DC97A05195E708728AF276DB0482436EC20F1F00A617CF43A86B025B48252
                                                                                                                              SHA-512:31B4807705A0965DB2A99731B124652EA8C8793D2AF3D0FFCB52B55612AF083A21FF1B0ABEEE84835976D91DFA556527F5619C22682A2228DD947E209634C467
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:mmm_ava_esg_000_361_m

                                                                                                                              C:\Windows\Temp\asw.b41a1a6fa5bb3a22\eref.edat

                                                                                                                              Download File
                                                                                                                              Process:C:\Users\user\Downloads\avast_free_antivirus_setup_online.exe
                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):50
                                                                                                                              Entropy (8bit):4.189275070710713
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:ADBBF9CCA7C9C92E75F724A979270B1B
                                                                                                                              SHA1:60699D45876F51CD6FA842E8869255FC3122C19A
                                                                                                                              SHA-256:1280E7C67670E66943D12DD009BCA9C8CD8F3C3D09D01A87E34C7CFCBACAE329
                                                                                                                              SHA-512:7A15A003C1BCEEC07F30908571A402D822352CC5751F5C8BF002CD83F56E50EC39F4732F11FD4E7EE042DFB2026EC8D0E60CC7EA17AF8A45B51E77CBA7DF633D
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:clid_885632441.1728907436--seid_1728907441--senu_1

                                                                                                                              Chrome Cache Entry: 236

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with very long lines (1084)
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):1128
                                                                                                                              Entropy (8bit):5.13655803265401
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:776A03FB91A5A6C5F80E453652BA4EF3
                                                                                                                              SHA1:1952BFFD9588610B295DE9A351249E5DEE1A21CB
                                                                                                                              SHA-256:5497705C3331BECBCBA9001F4713389619DA62D8148061732A178EF3512ECE7B
                                                                                                                              SHA-512:C9837D72DDEDD380EF6112D0F68901D2B460DC2690C46DCFFEF07B900A91A34D0D5C0786C6297F39B22F67DC6CBB8B8FA516655F8104591AA2B95B9CAEBB3288
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:!function(){"use strict";function a(a){f.forEach(function(b){b.setAttribute("tabindex",a)})}function b(b){e.forEach(function(c){b?(c.classList.add("is-sticky"),a(0)):(c.classList.remove("is-sticky"),a(-1))})}function c(){var a=!1;h&&h.length>0&&h.forEach(function(b){if(b.classList.contains("tables--sticky"))var c=b.querySelector("thead th");else var c=b.querySelector("thead");a=a||d(c,64,null,!0)&&d(b)}),a?g?g.classList.add("hidden"):b(!1):g?(b(!1),a||g.classList.remove("hidden")):b(d(i,null,null,!0)?!0:!1)}try{var d=avm.require("avast.web.waypoints"),e=document.querySelectorAll(".sticky-bar"),f=document.querySelectorAll(".sticky-bar a"),g=document.querySelector(".message-bar.sticky-message"),h=document.querySelectorAll(".tables-common.sticky-header, .tables.tables--sticky"),i=".sticky-waypoint";a(-1),(document.querySelector(i)||g)&&(window.addEventListener("scroll",function(){c()}),window.addEventListener("resize",function(){c()}))}catch(j){"undefined"!=typeof sdl&&(console.error(j),s

                                                                                                                              Chrome Cache Entry: 237

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with very long lines (5552)
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):67418
                                                                                                                              Entropy (8bit):5.324330154056088
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:55451018BEB92D96FE50ACA6F5E411AA
                                                                                                                              SHA1:760F3961CE3F8BDBC29EF98F25112809575C3743
                                                                                                                              SHA-256:0C59F581C106678BAD85DA16F7851F2A11E63E66F837433A4D89D5B672123EF8
                                                                                                                              SHA-512:E14BEB514FC579005957471E3621F41535149D81CB38842D216F4942042A3E5B93F902F44A9686D44B875C4F4F76CBD6F0181681A24A6C934E45324C5B6AE16B
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:/**.* Copyright (c) 2017-present, Facebook, Inc. All rights reserved..*.* You are hereby granted a non-exclusive, worldwide, royalty-free license to use,.* copy, modify, and distribute this software in source code or binary form for use.* in connection with the web services and APIs provided by Facebook..*.* As with any software that integrates with the Facebook platform, your use of.* this software is subject to the Facebook Platform Policy.* [http://developers.facebook.com/policy/]. This copyright notice shall be.* included in all copies or substantial portions of the software..*.* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR.* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS.* FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR.* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER.* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN.* CONNECTION WI

                                                                                                                              Chrome Cache Entry: 238

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with very long lines (7711)
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):292792
                                                                                                                              Entropy (8bit):5.613814603093334
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:023B1A2D93D540499DEFEBA73054C37C
                                                                                                                              SHA1:C553E5E1678591359714401E029E428CADD157F9
                                                                                                                              SHA-256:AF72CED750F22FAB3AD0428EF60BBF43C736693E8F78383AF6C667D27B96FB51
                                                                                                                              SHA-512:8687A6F53587D29A085337C81DCCEF3CA0A7BBF0961C2AE34CE08DF125B9BB4428AEDE62A497F95A4702EDEA0708F9E532F79216CCEE9BB63AB3C214568F86AE
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"11",. . "macros":[{"function":"__e"},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_auto_events","priority":20,"vtp_enableScroll":false,"vtp_enableOutboundClick":true,"vtp_enableDownload":false,"vtp_enableHistoryEvents":false,"vtp_enableForm":true,"vtp_enableVideo":true,"vtp_enablePageView":true,"tag_id":11},{"function":"__ogt_cross_domain","priority":20,"vtp_rules":["list","avast\\.co\\.jp","avast\\.ua","avast\\.ru"],"tag_id":13},{"function":"__ogt_dma","priority":10,"vtp_delegationMode":"ON","vtp_dmaDefault":"DENIED","tag_id":14},{"function":"__ogt_referral_exclusion","priority":10,"vtp_includeConditions":["list","^avast\\.(com|ru|ua|co\\.jp)$","^ipm\\.avcdn\\.net$","^ipm\\-provider\\.ff\\.avast\\.com$","^paypal\\.com$","ecommpay\\.com$","^pepitastore\\.com$","softline\\.com$","^pay102\\.assist\\.kz$","rabobank\\.nl$","paysec

                                                                                                                              Chrome Cache Entry: 239

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with very long lines (65310)
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):1040315
                                                                                                                              Entropy (8bit):5.0825367404746205
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:038445D8211B60C8BC781CBED51A1077
                                                                                                                              SHA1:BB60BA8954B16538C07762D1091C1C8AC2A8704F
                                                                                                                              SHA-256:AC176E39DBF3846E4C386656DB66764B5A3B2667175B0C7446514D35E020C6C0
                                                                                                                              SHA-512:57CB670592816077EC6F3DCB9AE9822CA239BB9D2E03EC8EA3304978AF6A8299975215D3D4EAFD0B41B9FB4F4E192C5FE8060F82A9C4A61E205317C85D213FCE
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://static3.avast.com/10003956/web/c/v2/avast.css
                                                                                                                              Preview:/*!.=========================================================.* Avast styles.=========================================================.* Include only global stuff here.=========================================================.*/.tns-outer{padding:0 !important}.tns-outer [hidden]{display:none !important}.tns-outer [aria-controls],.tns-outer [data-action]{cursor:pointer}.tns-slider{-webkit-transition:all 0s;-moz-transition:all 0s;transition:all 0s}.tns-slider>.tns-item{-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box}.tns-horizontal.tns-subpixel{white-space:nowrap}.tns-horizontal.tns-subpixel>.tns-item{display:inline-block;vertical-align:top;white-space:normal}.tns-horizontal.tns-no-subpixel:after{content:'';display:table;clear:both}.tns-horizontal.tns-no-subpixel>.tns-item{float:left}.tns-horizontal.tns-carousel.tns-no-subpixel>.tns-item{margin-right:-100%}.tns-no-calc{position:relative;left:0}.tns-gallery{position:relative;left:0;min-height:1px}.tns-galler

                                                                                                                              Chrome Cache Entry: 241

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:PNG image data, 600 x 400, 8-bit/color RGBA, non-interlaced
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):104701
                                                                                                                              Entropy (8bit):7.98697235116745
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:5EB3B3EE5360FD8E797BBD70BE7DB1B4
                                                                                                                              SHA1:B609E419629F5B45DF186F55B07549D1094AD080
                                                                                                                              SHA-256:F53596A4A29BC3EA7436D16B6F396AAC57F6E5C538F52BF89E1141B22745F6E8
                                                                                                                              SHA-512:B37138CF811098655683BB0505810958B809F9299BAE2ADFA7E50EAC9CA84448C5D5C41C2C101E9E0C15F321149C57A57D8583E4F22809DCB62326AB8CBABB74
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:.PNG........IHDR...X.........r5......orNT..w.....IDATx...y..Wz........gbK$v...})n...}.T.n.e.h4#.my<.#.as.....G......*Kv...ek.V..F.H...}.2.{..}.9....E&....$...S....}y....>.y....by..N]. N.$....N.~E....kH@.Hk./.X....*..g.g..5R..%X,.....~......;.....k.r........rW..K._...l....#B.....Z-n......5%e.........._..b.......X,...N.<...m..(-^-....KB.o.;.....!.B.(..........=w.......C{.%..{......x..~i...#..,.....;....I..Y:..5?..~Z......H)....b..W.r..uU.W.]....._..._....W.Br.d...}<+...I..,..f......... .Y.kx..Oi.....0S9....."g......;..Z.n.AP..r.a..=.2<<rrvvF....W>.j.X>b...X,k.../....;_..8.4.z..)....%`#.-..t$RH....v.*'O....cLNN!Ds].....;;;..................[,.....~.....Qq....$.<...8...i..h...|.c`.....055...'x...LLL..B:.q..U.0.....?X....R~..~....#..,..f(..Io...=..|I.C....'...C)%Zk&''.......x.....8Hy............/~~.......K.X,.1V`Y,.O-G.N..Y`ii.8.q.z.R{....Z.0>..H)...R.p..Y..:..1.2.....N.QZg..r..u?..G.....X,.1V`Y,.O%.....:}...{.R..R.>....|....-.....8.k5.^....'9z.

                                                                                                                              Chrome Cache Entry: 242

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:very short file (no magic)
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):1
                                                                                                                              Entropy (8bit):0.0
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:68B329DA9893E34099C7D8AD5CB9C940
                                                                                                                              SHA1:ADC83B19E793491B1C6EA0FD8B46CD9F32E592FC
                                                                                                                              SHA-256:01BA4719C80B6FE911B091A7C05124B64EEECE964E09C058EF8F9805DACA546B
                                                                                                                              SHA-512:BE688838CA8686E5C90689BF2AB585CEF1137C999B48C70B92F67A5C34DC15697B5D11C982ED6D71BE1E1E7F7B4E0733884AA97C3F7A339A8ED03577CF74BE09
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:.

                                                                                                                              Chrome Cache Entry: 244

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with very long lines (7711)
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):292726
                                                                                                                              Entropy (8bit):5.613498305742277
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:2FC4387585D5BD3FE0AA65894FBA0250
                                                                                                                              SHA1:0C85BB688B3C16DE46C781CFBFF17BEDC4C0A47B
                                                                                                                              SHA-256:B2A91F835E007070CB1179DE1D55333A239559D00A6EB8E95291530A89E02E27
                                                                                                                              SHA-512:80824B59AA243FBF4B1D8F32F75743894224DA0D7BC25B3031F5E2F456655484AF03731BA8C3FCF1E34DDD80D4493C630ACB5805AE8382E5B3DAF62885D3B2ED
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://www.googletagmanager.com/gtag/js?id=G-WZQ6MQ6RF3&l=sdl
                                                                                                                              Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"11",. . "macros":[{"function":"__e"},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_auto_events","priority":20,"vtp_enableScroll":false,"vtp_enableOutboundClick":true,"vtp_enableDownload":false,"vtp_enableHistoryEvents":false,"vtp_enableForm":true,"vtp_enableVideo":true,"vtp_enablePageView":true,"tag_id":11},{"function":"__ogt_cross_domain","priority":20,"vtp_rules":["list","avast\\.co\\.jp","avast\\.ua","avast\\.ru"],"tag_id":13},{"function":"__ogt_dma","priority":10,"vtp_delegationMode":"ON","vtp_dmaDefault":"DENIED","tag_id":14},{"function":"__ogt_referral_exclusion","priority":10,"vtp_includeConditions":["list","^avast\\.(com|ru|ua|co\\.jp)$","^ipm\\.avcdn\\.net$","^ipm\\-provider\\.ff\\.avast\\.com$","^paypal\\.com$","ecommpay\\.com$","^pepitastore\\.com$","softline\\.com$","^pay102\\.assist\\.kz$","rabobank\\.nl$","paysec

                                                                                                                              Chrome Cache Entry: 245

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with very long lines (22462)
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):22463
                                                                                                                              Entropy (8bit):5.308411760782321
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:01D681C49BE80A4B603C59E89B87920C
                                                                                                                              SHA1:5A75464EF4E504564DB1D39BEBED538F564B770E
                                                                                                                              SHA-256:EFAD755939E511F2BC1FEB0D58D6014006E8598A4D431F27A66DD59E14FC19CB
                                                                                                                              SHA-512:9579D6E8FFFB1E6D343974693C7AB06A04ACE91FD2D80782E3D3ACE8566C60493FC3AC4FCCECE8A2B79D24ABDC183019D4EF86DEB18FAC86CDF49F24A7B1FDED
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:var OneTrustStub=function(t){"use strict";var a,o,l=new function(){this.optanonCookieName="OptanonConsent",this.optanonHtmlGroupData=[],this.optanonHostData=[],this.genVendorsData=[],this.vendorsServiceData=[],this.IABCookieValue="",this.oneTrustIABCookieName="eupubconsent",this.oneTrustIsIABCrossConsentEnableParam="isIABGlobal",this.isStubReady=!0,this.geolocationCookiesParam="geolocation",this.EUCOUNTRIES=["BE","BG","CZ","DK","DE","EE","IE","GR","ES","FR","IT","CY","LV","LT","LU","HU","MT","NL","AT","PL","PT","RO","SI","SK","FI","SE","GB","HR","LI","NO","IS"],this.stubFileName="otSDKStub",this.DATAFILEATTRIBUTE="data-domain-script",this.bannerScriptName="otBannerSdk.js",this.domPurifyScriptName="otDomPurify.js",this.mobileOnlineURL=[],this.isMigratedURL=!1,this.migratedCCTID="[[OldCCTID]]",this.migratedDomainId="[[NewDomainId]]",this.userLocation={country:"",state:"",stateName:""}};(g=v=v||{})[g.Days=1]="Days",g[g.Weeks=7]="Weeks",g[g.Months=30]="Months",g[g.Years=365]="Years",(g=i=i

                                                                                                                              Chrome Cache Entry: 247

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:C source, ASCII text, with very long lines (63659), with CRLF line terminators
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):312389
                                                                                                                              Entropy (8bit):5.2771339772211645
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:9E1470E3A447924A22948C07E91334D6
                                                                                                                              SHA1:DCBFF867CEA7894D4122807BBD5F5FAA00C1753F
                                                                                                                              SHA-256:54362C32118BF00EC2D87D2D8B62B7452E588F102A0B819B128F8C5CE999C3DE
                                                                                                                              SHA-512:783B18F6ABA741BDA3AFA2717500D8DC51E36960650970B4E111E809073D273214633BD8BF126744DDEB3379B513D6F625A51D1C7A3AA90117B3388E24633714
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://mhubc.avast.com/script/mhubc.js
                                                                                                                              Preview:(function (apiUrl) {.. function mhubLoadJs(t) { const e = document.createElement("script"); e.type = "text/javascript", e.src = t, document.head.appendChild(e) } window.mhubc = { ads: [], push: function (t) { window.mhubc.queue.push(t) }, queue: window.mhubc && window.mhubc instanceof Array ? window.mhubc : [] }, Number.parseInt || (Number.parseInt = parseInt), window.fetch || (mhubLoadJs("https://cdn.jsdelivr.net/npm/promise-polyfill@8.1.3/dist/polyfill.min.js"), mhubLoadJs("https://cdn.jsdelivr.net/npm/whatwg-fetch@3.4.0/dist/fetch.umd.min.js")); try { new URL(window.location.href) } catch (t) { mhubLoadJs("https://cdn.jsdelivr.net/npm/url-polyfill@1.1.12/url-polyfill.min.js") } Uint8Array.from || (Uint8Array.from = function (t, e, n) { var r, o, i, u, s, l; for (o = (r = t).length, i = new ArrayBuffer(o), u = new Uint8Array(i), s = l = 0; 0 <= o ? l < o : l > o; s = 0 <= o ? ++l : --l) { var p = r[s]; e && (p = n ? e.call(n, p, s) : e(p, s)), u[s] = p } return u }), HTMLElement.p

                                                                                                                              Chrome Cache Entry: 249

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):80
                                                                                                                              Entropy (8bit):4.33221219626569
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:1AE6B27EBA211F4CFCD99B904DA88BB7
                                                                                                                              SHA1:53CA38F083C4A21F2EDA633EC304CB4582EDEDA2
                                                                                                                              SHA-256:961635B4E9661208EC118D285B3AC1DBF9F3CC96CDDC97F30E55CD2C6566448C
                                                                                                                              SHA-512:7DD325AB05B1A419614C2C39224C11E1388F09BCA5EA0F56811E6842B4FB243BCB53AA2BDDE00A94FBC324222B47924152C183337EB390F58C59AC80E89593B6
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:jsonFeed({"country":"US","state":"NY","stateName":"New York","continent":"NA"});

                                                                                                                              Chrome Cache Entry: 251

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):18
                                                                                                                              Entropy (8bit):3.794653473544342
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:89C8719F84C5374EE14A57E3976DAFDF
                                                                                                                              SHA1:8B8BC2E313CF7FF26627008CD1C7150F1393C060
                                                                                                                              SHA-256:5EC60C925D45D25DDD1C440B128F8D16B16E95B251209741EB174F31BB9B7607
                                                                                                                              SHA-512:AD31D4631B97B6605F0847B248E2050CD167C80CBE43542EA89D690C2A83FEA728F04FD34C31B00DE94E4A4D0D2AE2CE7EF5BA75F0314A9E78AAD6CA3384BFEA
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:No URL match found

                                                                                                                              Chrome Cache Entry: 254

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ISO Media, AVIF Image
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):7176
                                                                                                                              Entropy (8bit):7.915437962891535
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:1B96F9464C18FC2FF59CA30EF324F0E9
                                                                                                                              SHA1:3809A23832C10BB66BE4BA14DFD43D9B75F13AEE
                                                                                                                              SHA-256:807BA4EDF69AB193D0699E579CDF3ED0B02C3C166FD25FE4511367636AFC29FC
                                                                                                                              SHA-512:665B6506F608446B01F5ABC2328C0048669111BE370920FD0A251806097A617B604E7473809168FC4FF2F376D673BEEA100BE8570D8B117D9F7C7423617CE328
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://static3.avast.com/10003956/web/i/v2/aim/img/lp-safe-emailing/hijack@2x.png?width=568
                                                                                                                              Preview:....ftypavif....avifmif1miaf....meta.......!hdlr........pict.................pitm.........4iloc....D@.....................................M...8iinf..........infe........av01.....infe........av01.....iprp....ipco....colrnclx...........av1C........ispe.......X........pixi.........8auxC....urn:mpeg:mpegB:cicp:systems:auxiliary:alpha.....av1C........ispe.......X........pixi............ipma..........................iref........auxl.........Tmdat.....f%|{..2...`.@P.?^j.W[.o.d*...[....G..E8..r.l......n.Y.k.OD...r....=b}...z../..Q8...T,.G.....=v.}.:.{u..[..(.m.h..Y..?..`....1.@.....\OZ..Q...'.d..-c2..-&$..R..[:....<...]F..@../..s.V>-....3`.',.{i..Y-g.......J.UA........1.Y.^.qq.07.'....a.f%Z+.0~...E.~@.@8..K...J..A.D....w..vl.C..b..........Z...v..;#mVUm..(.1.].s4/]..:.s.w.C[.l......t.u..~[K.k..5.......X.h.m'^......IU......B....D..C.H(...[-..wl.7......}E..Nw....r.a.*..3g....&..D..U...`............... ..g~0....dT.'.....$.;..u..R1l.P&...g..3./.'.....o..&E.*....{....)....

                                                                                                                              Chrome Cache Entry: 257

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with very long lines (11909)
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):22866
                                                                                                                              Entropy (8bit):5.322981108269561
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:8C57BD594A21823E609168D2CE709D53
                                                                                                                              SHA1:76CCF6713974761604F8EFFE28F9A0B80ED7923D
                                                                                                                              SHA-256:342B9BB89098950667614F3BCF95026F038084A8FB06FC3710051C671F70926B
                                                                                                                              SHA-512:07AEB92A60C7B4605C95E0CAF45389E3F7A22A283B593C74437C637C8F07730A7EA3B342E86BE326A5019AFD857245C6F57FDAB518A9460AF9AE0637B2C50642
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:window.hjSiteSettings = window.hjSiteSettings || {"site_id":470805,"rec_value":0.0,"state_change_listen_mode":"automatic","record":true,"continuous_capture_enabled":true,"recording_capture_keystrokes":false,"session_capture_console_consent":false,"anonymize_digits":true,"anonymize_emails":true,"suppress_all":false,"suppress_all_on_specific_pages":[],"suppress_text":null,"suppress_location":false,"user_attributes_enabled":false,"legal_name":"Avast","privacy_policy_url":"https://www.avast.com/privacy-policy","deferred_page_contents":[],"record_targeting_rules":[],"feedback_widgets":[],"heatmaps":[],"polls":[{"id":803625,"created_epoch_time":1651222600,"skin":"light","background":"#FFFFFF","effective_show_branding":true,"position":"right","content":{"version":2,"questions":[{"labels":[{"text":"Strongly disagree"},{"text":"Strongly agree"}],"next":"byOrder","required":true,"scaleCount":5,"text":"I find the promotion of Private mode relevant.","type":"rating-scale-5","uuid":"ad8401dd-d72a-4

                                                                                                                              Chrome Cache Entry: 259

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:SVG Scalable Vector Graphics image
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):1120
                                                                                                                              Entropy (8bit):5.291343419005958
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:FB7EE1A4FDAB0CF17A6C928A001F0C0E
                                                                                                                              SHA1:37AA3DF5DC67A77ED318144DB514774E7DDFDB92
                                                                                                                              SHA-256:41723D2B8A63B2EB0F7B37267EE28B30937B041280B86B408EF6FBA712DAB9EC
                                                                                                                              SHA-512:25B05525B4E710CAEFDA1BED1CD9979D6734800F8BE3EB5B80D1B7E45A9BE2F20120A555F1B32639ED6B2F651555A16E0454FC932B4D1A5B3BABE4445D2732CE
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://static3.avast.com/10003956/web/i/v2/components/bg/bg-blade-dark.svg
                                                                                                                              Preview:<svg xmlns="http://www.w3.org/2000/svg" width="1600" height="488" fill="none"><path fill="#071D2B" d="M0 0h1600v488H0z"/><mask id="a" maskUnits="userSpaceOnUse" x="0" y="0" width="1600" height="488"><path d="M1600 0H0v488h1600V0z" fill="#FFF"/></mask><g mask="url(#a)"><path opacity=".22" d="M1215.39 567.616c143.1 221.991 53.73 519.384-188.01 625.614L-1423 2270 568.183 480.912c196.441-176.499 504.107-135.286 647.207 86.704z" fill="url(#paint0_linear)"/><path opacity=".22" d="M551.718-172.449C757.065-6.328 765.102 304.147 568.619 480.67L-1423 2270-90.304-52.378C41.174-281.492 346.37-338.57 551.718-172.449z" fill="url(#paint1_linear)"/></g><defs><linearGradient id="paint0_linear" x1="574.5" y1="412" x2="969.05" y2="855.778" gradientUnits="userSpaceOnUse"><stop stop-color="#071D2B" stop-opacity="0"/><stop offset="1" stop-color="#fff" stop-opacity=".48"/></linearGradient><linearGradient id="paint1_linear" x1="-8.5" y1="-52" x2="572.162" y2="505.332" gradientUnits="userSpaceOnUse"><stop stop

                                                                                                                              Chrome Cache Entry: 260

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):7886
                                                                                                                              Entropy (8bit):3.7939497662625397
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:BE87FD81FF4E82E7ED57B0C8951C66D0
                                                                                                                              SHA1:4A918234D3225B585DFFB7B6D587ACB3FBB39618
                                                                                                                              SHA-256:637B67152DBA0B0B33C8AADB38EA7C86B7A12B37366C7183F898C36C222B04FD
                                                                                                                              SHA-512:87EC908135335B4074D412B04188BF05D00F468400D2837BA2CA1C77440B6F2F15BA648F2A8F42B1301D77DF54BF2A00E59416942807CCD90E36F59431638DE7
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:............ .h...6......... ......... .... .....&...(....... ..... .........#...#................x...z...~...y.F.y...x...x...x...x...y...y.F.}...y...x...............d...x...x...x...x...x...x...x...x...x...y...x..?...a....................w...x...x...x...x...x...x...x...x...{..l...2....5..J.......{...&....v...v...w...x...x...v...x...y..f............y.F.w..).......{...W...D...+....{...}..;...@...i.......!....t.H.y...v..p...............~...e...w...........r.......|....w...x...x...w......<...0...T...............w...Z...........#....w...x...x...x...w......................P...I................w...x...x...x...x...w.. ...............1...>...............*....w...x...x...x...x...x...y..Q...u.......6....................x...x...x...x...y...x...x...x...v...u..1...................3....v...x...x...x...y.F.x...x...x...x...~.......................y...x...x...x...y.H.~...y...x...x...w......................;....v...x...x...y...|...y...z...y...x...x...z...................{...x...x...x...z...y...x...y...z

                                                                                                                              Chrome Cache Entry: 263

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:SVG Scalable Vector Graphics image
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):5194
                                                                                                                              Entropy (8bit):3.976628767895142
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:63E737D3544164D2B7F4FBCA416AC807
                                                                                                                              SHA1:030370AA38715E4C41589633F69D0BFE8255D46C
                                                                                                                              SHA-256:5FA00D047ACD959697B9D7772C31DCD37BEC33C70C6FBF80AB8316205D1D286D
                                                                                                                              SHA-512:31EE1BB536C0E50F5568A415EA3308367BFCFD11D2A6F7DFF1C8E3A982F7BE790C240A603CD4C6E187672824B8E5D07646049A28C6A88A7B001EB9A0142F312B
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:<svg height="16" width="136" data-name="Layer 1" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 136 14.6"><defs><clipPath id="a"><path fill="none" d="M53.76 0H136v14.6H53.76z"/></clipPath></defs><path d="M0 12.3V5.59h2.27a2.62 2.62 0 011.29.28 1.83 1.83 0 01.74.77 2.25 2.25 0 01.25 1.07 2.26 2.26 0 01-.25 1.08 1.77 1.77 0 01-.74.77 2.55 2.55 0 01-1.28.29H.66v-.72h1.59a1.81 1.81 0 00.87-.19 1.1 1.1 0 00.48-.5 1.73 1.73 0 00.15-.73A1.66 1.66 0 003.6 7a1.1 1.1 0 00-.48-.5 1.86 1.86 0 00-.88-.18H.81v6zm7.74.1a2.29 2.29 0 01-1.2-.32 2.29 2.29 0 01-.8-.91 3.06 3.06 0 01-.28-1.36 3.07 3.07 0 01.28-1.37 2.14 2.14 0 012-1.24 2.14 2.14 0 012 1.24A3.07 3.07 0 0110 9.81a3.06 3.06 0 01-.29 1.36 2.11 2.11 0 01-2 1.23zm0-.69a1.31 1.31 0 00.85-.27 1.6 1.6 0 00.5-.69 2.9 2.9 0 00.16-.94 2.85 2.85 0 00-.16-.94 1.67 1.67 0 00-.5-.71 1.37 1.37 0 00-.85-.26 1.35 1.35 0 00-.85.26 1.67 1.67 0 00-.5.71 2.85 2.85 0 00-.16.94 2.9 2.9 0 00.16.94 1.6 1.6 0 00.5.69 1.29 1.29 0 00.85.27zm4.43.59l-1.54-5h.82l1.08 3

                                                                                                                              Chrome Cache Entry: 267

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:JSON data
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):170113
                                                                                                                              Entropy (8bit):5.2218505513795135
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:04146C1AC09716ECC26BAE71D45DB56E
                                                                                                                              SHA1:7F86FD80F31E5DFC66F3A5FBD8EAC8AED58C72C2
                                                                                                                              SHA-256:083A8DF4CA6BE6CA3076F7E070149984DF6F87E87A93C464ADABDCF07FE3171B
                                                                                                                              SHA-512:2AC779C1630E94F5D72E5D3FE4EFA4CF1E6D53CB8E72C4F00206CF7CA77A0E60D18FD5A0EA1582A4D4EEB2F2D7388B82CF2CFB7020B6AAC5F3E5D7A87432E7FB
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:{"DomainData":{"pclifeSpanYr":"Year","pclifeSpanYrs":"Years","pclifeSpanSecs":"A few seconds","pclifeSpanWk":"Week","pclifeSpanWks":"Weeks","pccontinueWithoutAcceptText":"Continue without Accepting","pccloseButtonType":"Icon","MainText":"Privacy preference center","MainInfoText":"By clicking \"Accept all\" you allow cookies that improve your experience on our site, help us analyze site performance and usage, and enable us to show relevant marketing content. You can manage cookie settings below. By clicking .Confirm selection. you agree with the current settings. See&nbsp;","AboutText":"Cookies policy","AboutCookiesText":"Your Privacy","ConfirmText":"Accept all","AllowAllText":"Save Settings","CookiesUsedText":"Cookies used","CookiesDescText":"Description","AboutLink":"https://www.avast.com/cookies-policy","ActiveText":"Active","AlwaysActiveText":"Always Active","AlwaysInactiveText":"Always Inactive","PCShowAlwaysActiveToggle":true,"AlertNoticeText":"By clicking \"OK\" you allow coo

                                                                                                                              Chrome Cache Entry: 268

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:SVG Scalable Vector Graphics image
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):2877
                                                                                                                              Entropy (8bit):4.052337689336677
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:CA3944DC6C14B8CB08491522A17305C1
                                                                                                                              SHA1:4E7A365749B01D5D1F6F4D66AD1DAF35D6F36A31
                                                                                                                              SHA-256:63B2334F1A7B6023ACC55F36FC44424D050C65BF421CA871EBCF967E1DEA7FF6
                                                                                                                              SHA-512:446355072B700B0F9551C68B7431121033E8C9CA938B879D0A61E8EC45526AFB8CF7A3E7E5328934AA5254A35BCDA60EA73FAF44D962DC782F77318CD81AEFB4
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:<svg width="116" height="36" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M114.388 16.038c.792 0 1.44-.648 1.44-1.44v-1.764h-4.464V8.946h-2.466c-.792 0-1.44.648-1.44 1.44v2.466h-.72c-.792 0-1.44.648-1.44 1.44v1.764h2.16v5.706c0 .918.018 1.764.036 2.484.018.738.216 1.458.594 2.16.414.756 1.026 1.296 1.836 1.638.81.342 1.728.522 2.754.54 1.026.018 2.07-.072 3.15-.27V26.64a1.44 1.44 0 00-1.476-1.44c-.36.018-.702 0-1.026-.018-.756-.054-1.296-.342-1.656-.882-.18-.288-.288-.666-.288-1.152-.018-.486-.018-1.026-.018-1.62v-5.49h3.024zM53.406 7.704h-4.14l-7.434 20.61H45c.594 0 1.134-.378 1.35-.936l1.242-3.366h9.198l1.242 3.366c.216.558.738.936 1.35.936h3.15L55.656 9.288a2.412 2.412 0 00-2.25-1.584zm-4.5 12.78l3.276-8.838 3.276 8.838h-6.552zm34.145-8.028c-3.276 0-5.382 1.458-6.48 4.302l2.358.828a1.44 1.44 0 001.584-.45c.504-.63 1.08-1.152 2.502-1.152 1.782 0 2.52.63 2.664 2.322l-4.77.828c-4.41.72-4.95 3.438-4.95 4.932 0 1.494 1.134 4.698 5.4 4.698 2.16 0 3.708-.792 4.716-1.764a1.433 1.

                                                                                                                              Chrome Cache Entry: 269

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:JSON data
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):69
                                                                                                                              Entropy (8bit):4.057426088150192
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:B04CD3F8043EF04F417D4B0E4BCBBC03
                                                                                                                              SHA1:88F259A4AE3045409B3657E7D7A791D321BA9DCE
                                                                                                                              SHA-256:59E58524340CD7AD353BE010374B124C242FDDE10A0ED41047FE2FD4BB9E5A2E
                                                                                                                              SHA-512:A285C493B939D2A165D80F87FC830F5D02AFCC7A8EA1C5CAF9CAA87ABD286F1C98598FFD83023044BDB23D344C60EEF6A6C4BFEDEDD42A4297A0AC09E22FA5B2
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location
                                                                                                                              Preview:{"country":"US","state":"NY","stateName":"New York","continent":"NA"}

                                                                                                                              Chrome Cache Entry: 271

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:HTML document, Unicode text, UTF-8 text, with very long lines (3126)
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):26706
                                                                                                                              Entropy (8bit):5.462218884020306
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:68F1436D12BFFBF46EA7C7AA26F3AFFA
                                                                                                                              SHA1:78455827971D315DF0456C052087313B50F6B500
                                                                                                                              SHA-256:810C0BE20BD37135D5EFBEEA15B257AC5CEB94F4B83F161006DC7D52AB3076BB
                                                                                                                              SHA-512:104C94E772A3C3FEEB65A4E7769B2FE802E2BEB855200F8E2BDC38020615EE0859DA4E058422155AC40AF560B9CF24AA0BC812A6C599A4952E820226FA58C060
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://www.avast.com/en-us/lp-safe-emailing?full_trSrc=mmm_ava_esg_000_361_m&utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail
                                                                                                                              Preview:<!DOCTYPE html>.<html lang="en-us" class="no-js">..<head>...<meta charset="utf-8">.....<script type="text/javascript" src="https://cdn.cookielaw.org/consent/b680e9a8-3d45-4e4a-998f-7d05f89e4486/OtAutoBlock.js" ></script>.<script src="https://cdn.cookielaw.org/scripttemplates/otSDKStub.js" data-document-language="true" type="text/javascript" charset="UTF-8" data-domain-script="b680e9a8-3d45-4e4a-998f-7d05f89e4486" fetchpriority="high" async></script>.<script type="text/javascript" src="https://static3.avast.com/10003956/web/j/vendor/one-trust.js"></script>..........<script>...window.nortonAnalytics = window.nortonAnalytics || {};...nortonAnalytics = {....'account': "symanteccom",....'site_country': "us",....'site_language': 'en',....'content_format': 'html',....'content_page': 'page',....'site_section': 'avast.com',....'page_name': "lp-safe-emailing",....'site_sub_section': "others"...}..</script>....<script src="https://assets.adobedtm.com/b29989a14bed/ccef52b414db/launch-773db4767ac4.

                                                                                                                              Chrome Cache Entry: 272

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:JPEG image data, JFIF standard 1.01, resolution (DPCM), density 56x56, segment length 16, progressive, precision 8, 1280x1000, components 3
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):26670
                                                                                                                              Entropy (8bit):7.877248354195684
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:4DD0760D4449920408B2687D944F39BF
                                                                                                                              SHA1:3E3797E799EA5DD06E74F0B8FE30336A6018FD5E
                                                                                                                              SHA-256:DBE05D4F440F8F379E1A19D73D45D5CDAD138013B6DAE80E4D07034FB62C2020
                                                                                                                              SHA-512:9E4B079CCCB76C497594129B5286DD6EF2A7BB0AAF322E129786CCF65878A9D6F2DFCCC1A1638737B8D9985E2841B3E803669BFC50950441F4589B0A585B01BE
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:......JFIF.....8.8......................................&.#. . .#.&.:.*.-.*.-.*.:.X.7.@.7.7.@.7.X.N._.M.H.M._.N...n.b.b.n...........................C.C..................................&.#. . .#.&.:.*.-.*.-.*.:.X.7.@.7.7.@.7.X.N._.M.H.M._.N...n.b.b.n...........................C.C............."........../.............................................................."..,&u...Y,.9.l.7..,.YMo...k..e..K...R..u.gyLgy.+...Y.nnp,.LoJ+.z.5.....:..mC3T..9N..9.0.".B.J$.....#.....R".!`..V.....P..............>..A.$H..L...f....,.YK..kz......RMB...4),3..3..15,.*Y\..Y(.vY..]...9.]e,.gc.{f....u#.;......E...:.S.9:.m.+...K.".M...-B(.".....*P.............tK........f.$.....UU.]k6kz.w6Z....B..9.LMD..j..\..e.t5e......^{..yh....`x.....gS..,........#L.24..4.,.,$....9:.c.p.(.."..."....*%...........,.,3.d.u.9.l.u..,...U.X.\.w.U..*R.R.i,&u.gYL.Y..S.[.9..#S~.?...H..+".".S.0..;9...s"g..3.O.}........Fl..$...*....*.24.,..3c....9:..p.P....B.....P...*%.>..t....D&u...l.w..,..f....`..W4..f.JK

                                                                                                                              Chrome Cache Entry: 273

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:JSON data
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):7242
                                                                                                                              Entropy (8bit):4.9066217095082525
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:04514A1160884DA6EAC0D7BEE3EFE752
                                                                                                                              SHA1:4790FA7467B0E52775E1338DBBBC7626F6BDC1E5
                                                                                                                              SHA-256:905AF469C1C98ECD02CEE882C887E586A8D0D13FB0C6517345EB5A3311AD0F95
                                                                                                                              SHA-512:DF4241BBEDE0E6B97C175823B2A1F7C2CCBEC6DCB990D3738DE94C4AD7990029D66DB0CFFE77F61639B763C2B112F69AD726417596EE1C5EB220520FDDA8257E
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:{"CookieSPAEnabled":false,"CookieSameSiteNoneEnabled":false,"CookieV2CSPEnabled":false,"MultiVariantTestingEnabled":false,"UseV2":true,"MobileSDK":false,"SkipGeolocation":false,"ScriptType":"PRODUCTION","Version":"6.33.0","OptanonDataJSON":"b680e9a8-3d45-4e4a-998f-7d05f89e4486","GeolocationUrl":"https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location","BulkDomainCheckUrl":"https://cookies-data.onetrust.io/bannersdk/v1/domaingroupcheck","RuleSet":[{"Id":"0190bbdc-3348-76c8-b96c-a23f872b72a7","Name":"GPC Detected . All Opt-out, Marketing Opt-in","Countries":[],"States":{"us":["de","co","mt","or","ca","ct","tx"]},"LanguageSwitcherPlaceholder":{"default":"en"},"BannerPushesDown":false,"Default":false,"Global":false,"Type":"GDPR","UseGoogleVendors":false,"VariantEnabled":false,"TestEndTime":null,"Variants":[],"TemplateName":"Avast . GPC . Template","Conditions":[],"GCEnable":false,"IsGPPEnabled":false,"EnableJWTAuthForKnownUsers":false},{"Id":"0190bbdc-2f19-7716-ac2c-1f2b816

                                                                                                                              Chrome Cache Entry: 274

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with very long lines (7155)
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):7202
                                                                                                                              Entropy (8bit):5.163602320067472
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:09A36CA27AD999025CDB09D025D9AEE0
                                                                                                                              SHA1:90F6D9F0EA5A34AB860025553F9910292422E6D0
                                                                                                                              SHA-256:A6BCD82A9D47FFCA4B4E8772EC5C8E7895084FEB555A49D2A46EC7E9906C149A
                                                                                                                              SHA-512:EB8E51DF13ABA8324FF416FE09D9436E192E7BCC42B71BBFE698BA68298284812C7C6AABCA57CA357955C26DFD40F4FC6ACC287E5312CC4DB456FC088BFB8F0F
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:!function(){"use strict";if(window.sdl!==undefined)try{var a={buttons:function(){document.addEventListener("click",function(b){if(b.target.closest('a[data-role="download-link"]')){var c=b.target.closest('a[data-role="download-link"]');if(c&&sdl.push({user:{download:{products:[{campaign:a.checkAttribute(c,"data-campaign"),campaignMarker:a.checkAttribute(c,"data-campaign-marker"),sku:a.checkAttribute(c,"data-download-name"),maintenance:0,seats:1,quantity:1,currencyCode:"USD",category:"Consumer",price:0,tax:0,brand:"Avast",link:a.removeUnwantedParamsFromLink(c.href),offerType:"download",localPrice:0,localTax:0}]}},event:"user.download.products"}),document.querySelector('[data-behavior="downloadPopup"]')!==undefined){var d=document.querySelector('[data-behavior="downloadPopup"]');sdl.push({system:{modal:{id:d.id,component:a.checkAttribute(d,"data-cmp-name"),path:"/"+sdlObj.screen.locale+"/"+a.checkAttribute(d,"data-cmp-name")}},event:"system.modal"});var e=new URLSearchParams(window.locati

                                                                                                                              Chrome Cache Entry: 275

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with very long lines (9217)
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):231864
                                                                                                                              Entropy (8bit):5.458039173946496
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:40283CFC473AFBE1D4ABBA7E6C809885
                                                                                                                              SHA1:8A32CB88D9F537B02582DF17A5BB11C2087937F6
                                                                                                                              SHA-256:48BA1993011DB4834882D81B2153753437607292F704A6543D4466C0F6D1372A
                                                                                                                              SHA-512:DABD9FD4CC3FB4FF3EBC2C3529E602E91939DDB1F42C2D7E70188DFC3262548922EA45C96691D567F2C777D393B5CE7162B5BD4C2054B33A03856BBEA1C1A0E3
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://connect.facebook.net/en_US/fbevents.js
                                                                                                                              Preview:/**.* Copyright (c) 2017-present, Facebook, Inc. All rights reserved..*.* You are hereby granted a non-exclusive, worldwide, royalty-free license to use,.* copy, modify, and distribute this software in source code or binary form for use.* in connection with the web services and APIs provided by Facebook..*.* As with any software that integrates with the Facebook platform, your use of.* this software is subject to the Facebook Platform Policy.* [http://developers.facebook.com/policy/]. This copyright notice shall be.* included in all copies or substantial portions of the software..*.* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR.* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS.* FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR.* COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER.* IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN.* CONNECTION WI

                                                                                                                              Chrome Cache Entry: 276

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:JSON data
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):49150
                                                                                                                              Entropy (8bit):5.523809476276692
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:CD46DA23147D575E2E1C368FF7432446
                                                                                                                              SHA1:763FB3A733E8A5A721B2CCB6867B4E7E224D8D5F
                                                                                                                              SHA-256:AE45F042DB0F3B2D2FFE2BC7F5193A9713B4095048EFE83EB847FD8E0FF70920
                                                                                                                              SHA-512:9C7B442B7E4C589DA28F9DEEAE61AAC3EC70AC853696032FB6DBF9B3AA9D9DF11176EEF67AB9B6516D3C9BC870C301F806103CEF29F94C6BBF74DEF6099AE27E
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://cdn.cookielaw.org/scripttemplates/6.33.0/assets/v2/otPcPanel.json
                                                                                                                              Preview:. {. "name": "otPcPanel",. "html": "PGRpdiBpZD0ib25ldHJ1c3QtcGMtc2RrIiBjbGFzcz0ib3RQY1BhbmVsIG90LWhpZGUgb3QtZmFkZS1pbiIgcm9sZT0iYWxlcnRkaWFsb2ciIGFyaWEtbW9kYWw9InRydWUiIGFyaWEtZGVzY3JpYmVkYnk9Im90LXBjLWRlc2MiPjwhLS0gUEMgSGVhZGVyIC0tPjxkaXYgY2xhc3M9Im90LXBjLWhlYWRlciI+PGRpdiBjbGFzcz0ib3QtcGMtbG9nbyIgcm9sZT0iaW1nIiBhcmlhLWxhYmVsPSJDb21wYW55IExvZ28iPjwvZGl2PjxidXR0b24gaWQ9ImNsb3NlLXBjLWJ0bi1oYW5kbGVyIiBjbGFzcz0ib3QtY2xvc2UtaWNvbiIgYXJpYS1sYWJlbD0iQ2xvc2UiPjwvYnV0dG9uPjwvZGl2PjxkaXYgaWQ9Im90LXBjLWNvbnRlbnQiIGNsYXNzPSJvdC1wYy1zY3JvbGxiYXIiPjxoMiBpZD0ib3QtcGMtdGl0bGUiPllvdXIgUHJpdmFjeTwvaDI+PGRpdiBpZD0ib3QtcGMtZGVzYyI+PC9kaXY+PGJ1dHRvbiBpZD0iYWNjZXB0LXJlY29tbWVuZGVkLWJ0bi1oYW5kbGVyIj5BY2NlcHQgQWxsPC9idXR0b24+PHNlY3Rpb24gY2xhc3M9Im90LXNkay1yb3cgb3QtY2F0LWdycCI+PGgzIGlkPSJvdC1jYXRlZ29yeS10aXRsZSI+TWFuYWdlIENvb2tpZSBQcmVmZXJlbmNlczwvaDM+PGRpdiBjbGFzcz0ib3QtcGxpLWhkciI+PHNwYW4gY2xhc3M9Im90LWxpLXRpdGxlIj5Db25zZW50PC9zcGFuPiA8c3BhbiBjbGFzcz0ib3QtbGktdGl0bGUiPkxlZ2l0LiB

                                                                                                                              Chrome Cache Entry: 279

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with very long lines (1019)
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):1061
                                                                                                                              Entropy (8bit):5.384389292681368
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:18AB4E638089535994D5FC6677D94541
                                                                                                                              SHA1:AF016C9F525B6182CF777D12096A15B87472C444
                                                                                                                              SHA-256:F6FE93867A88131B7454C262C76F8CC06E9F6A96DA2B801D15C0014B18CAB69F
                                                                                                                              SHA-512:4075BB249227255885F7EC7D58D7D24B5813F7A384489F48A0692F7C48C025864DBF2810FD7F6ACA0EBEE3F145A843171A76BFBA0BEC5383AF67C2C55585C2B4
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://static3.avast.com/10003956/web/j/v2/components/cmp-countdown.js
                                                                                                                              Preview:!function(){"use strict";try{if(document.querySelector(".cmp-countdown")){var a=document.querySelector(".cmp-countdown"),b=a.dataset.expiration,c=new Date(b).getTime(),d=a.querySelector(".days .numbers"),e=a.querySelector(".hrs .numbers"),f=a.querySelector(".mins .numbers"),g=a.querySelector(".sec .numbers"),h="";const i=new URLSearchParams(window.location.search),j=i.get("today");if(j){const k=j.split("--");if(2===k.length){const l=k[0],m=k[1],n=l.replace(/-/g," ")+" "+m.replace(/-/g,":")+" GMT+0000",o=new Date(n);h=o.getTime()}}isNaN(c)&&(c=(new Date).getTime());var p=setInterval(function(){var b=h?h+=1e3:(new Date).getTime(),i=c-b,j=Math.floor(i/864e5),k=Math.floor(i%864e5/36e5),l=Math.floor(i%36e5/6e4),m=Math.floor(i%6e4/1e3);d.innerHTML=j<10?"0"+j:j,e.innerHTML=k<10?"0"+k:k,f.innerHTML=l<10?"0"+l:l,g.innerHTML=m<10?"0"+m:m,i<0&&(clearInterval(p),a.remove())},1e3)}}catch(q){"undefined"!=typeof sdl&&(console.error(q),sdl.push({system:{error:{type:q.name,message:q.message}},event:"sy

                                                                                                                              Chrome Cache Entry: 280

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with very long lines (64511)
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):72404
                                                                                                                              Entropy (8bit):5.4275806881805
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:6A9D25AAC92697F5387F688DDE79DFC1
                                                                                                                              SHA1:98AE44B5B386D431FCFCD387689B33F6AE8B3FD3
                                                                                                                              SHA-256:CFB420F7D73658DC312117D3305E2DA45FC0815C216DA874AC2FDB1C12BF3291
                                                                                                                              SHA-512:A29E79F2653FEB5129F905B3E12EBBDBF1095035CA313C4CC7BFF67F61F22039ABBD00B1CFBD1C80715E98A1EC8B81E1A913274D30C8401C50FEFD0AEC7DCC8C
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://cdn.cookielaw.org/consent/b680e9a8-3d45-4e4a-998f-7d05f89e4486/OtAutoBlock.js
                                                                                                                              Preview:!function(){function n(d){for(var f,a,g,b,c=[],e=0;e<x.length;e++){var h=x[e];if(h.Tag===d){c=h.CategoryId;break}var l=(f=h.Tag,b=g=a=void 0,a=-1!==(b=f).indexOf("http:")?b.replace("http:",""):b.replace("https:",""),-1!==(g=a.indexOf("?"))?a.replace(a.substring(g),""):a);if(d&&(-1!==d.indexOf(l)||-1!==h.Tag.indexOf(d))){c=h.CategoryId;break}}if(!c.length&&z){var r=function(k){var v=document.createElement("a");v.href=k;k=v.hostname.split(".");return-1!==k.indexOf("www")||2<k.length?k.slice(1).join("."):.v.hostname}(d);A.some(function(k){return k===r})&&(c=["C0004"])}return c}function m(d){return d&&window.OptanonActiveGroups&&d.every(function(f){return-1!==window.OptanonActiveGroups.indexOf(f)})}function p(d){return-1!==(d.getAttribute("class")||"").indexOf("optanon-category")}function q(d){return d.hasAttribute("data-ot-ignore")}function t(d,f){d=d.join("-");var a=f.getAttribute("class")||"";-1===a.indexOf("optanon-category-"+d)&&(d=w(d,a),f.setAttribute("class",d))}function w(d,f){ret

                                                                                                                              Chrome Cache Entry: 284

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with very long lines (4201)
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):230245
                                                                                                                              Entropy (8bit):5.544719754368935
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:D3DAA5ACCE03C9AF902843E280B0BD0E
                                                                                                                              SHA1:855BC84EE8ADA0F45C907204C58762AA0E74355E
                                                                                                                              SHA-256:D9B1CA79741478B63FCD6ACA07DB6C805EB2B665BFB7E3B95BE884998247C695
                                                                                                                              SHA-512:9D590142489136059392813837213B74E17F77E3E0434C4633D06717F596FDDD5CA866638522C966E4F85A9F0BD9D14435B8F3C1127FFF45815D44390BDC5580
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"2",. . "macros":[{"function":"__e"}],. "tags":[{"function":"__rep","vtp_containerId":"DC-4711400","vtp_remoteConfig":["map"],"tag_id":5},{"function":"__ogt_dma","priority":0,"vtp_delegationMode":"ON","vtp_dmaDefault":"DENIED","tag_id":8},{"function":"__ogt_1p_data_v2","priority":0,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":"","vtp_phoneType":"CSS_SELECTOR","vtp_phoneValue":"","vtp_streetType":"CSS_SELECTOR","vtp_autoPhoneEnabled":false,"vtp_postalCodeType":"CSS_SELECTOR","vtp_emailValue":"","vtp_firstNameValue":"","vtp_s

                                                                                                                              Chrome Cache Entry: 285

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:Web Open Font Format (Version 2), TrueType, length 21384, version 1.131
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):21384
                                                                                                                              Entropy (8bit):7.986837797592255
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:5148AA75DAC43A70C0512BB307ADA1CC
                                                                                                                              SHA1:A1C959DAEB71ECA67A420A80CB106EF3474E4E02
                                                                                                                              SHA-256:3BBAEC0CF947AEA822F475E7DBB50579624C8DD1BAD50F33233C79B3F98DF843
                                                                                                                              SHA-512:9AEAED348DD3F00319692A913AB1D7B8ED53849A9A7738FAA1C2CE43AA3C7A09539C37D208E51E0FA56001C515B33BFB0F82BC3D98DD1DE5A79EFD2E0CB250F2
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://static3.avast.com/10003956/web/o/f/700/MierB03-SubsetEng-Bold.woff2
                                                                                                                              Preview:wOF2......S........@..S#..........................h...L..(.`..D..v........p....6.$..$..... ..V. ..z.3.7.n..X....}..&#...(Q...'..y.C"......g-.1.)nI...s7.@...ju.y.6...{... X- .w..f8aA...b.Sn.0...==.....v.....K..a.z.yx.b..C\7..8.....OR.=.%<Q..*I.~?B}.....$.4.U._.]..i....**3.|.|/..e.S...=.!rB.'7.^......eB.....,..9N.^....K.]q.E..G6..`....e.S.9..W.\...s~.K.`...d.G.f.G ..9.._g......d....U."......l..h9...Q......%.DJD.R.u..W....K}. ....t.P.%..A.(...e.6=9.t_....{......&..I.p.''*.....x..I..`.NTw.:..v.r....^7t....P.)...~..EB.....0P..\.t.J..J]T.........c..C,2.(...|D*..s..:.u.t.p.^.4..MmJ..s...x.a..H.d9.r..TL.....? E`..d....T.<.3.......e]cB....V.H...%)d.I.lx..W.....~..|?ZX..5..-@....H)`.i...B....8..>......z...l.,VK.j..4.B........3.\.7Z....!9.j..z...}.U0D.4w..K..q....._^..].&n.....a,.L......3...Qg....H:.~..j.r..\..7......2..D..'..%.J./a.... }.u..%....$.%]..!U....[..!U.Ey.....5nS..Wnz.}.k......Z.,.7.ng.o....s.0.?..x..O.ov..:..:{u...h..P..X.9..cL**:*.V..~L..j..4R..b

                                                                                                                              Chrome Cache Entry: 286

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with very long lines (4201)
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):230255
                                                                                                                              Entropy (8bit):5.545000796704331
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:FA367DFE305F43128105AB687CCD0EBE
                                                                                                                              SHA1:E06050AA325EEADAC9E64ADD690A6AC133EF69FB
                                                                                                                              SHA-256:5D2E8DF1FB788CA90D50B6F50CEDD197190935223FE947FCCB7024AAA953BE36
                                                                                                                              SHA-512:49B7E8AB4ADA1AC22485DAE644335C8B5A3F5CA43A2DB15C7EABD7F34D1251C9EB9D33D3FD0B52E6AE22F9FD745ACDD899E8BB71E9EA788BA58DB5AEC6876FAC
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://www.googletagmanager.com/gtag/js?id=DC-4711400&l=sdl&cx=c
                                                                                                                              Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"2",. . "macros":[{"function":"__e"}],. "tags":[{"function":"__rep","vtp_containerId":"DC-4711400","vtp_remoteConfig":["map"],"tag_id":5},{"function":"__ogt_dma","priority":0,"vtp_delegationMode":"ON","vtp_dmaDefault":"DENIED","tag_id":8},{"function":"__ogt_1p_data_v2","priority":0,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":"","vtp_phoneType":"CSS_SELECTOR","vtp_phoneValue":"","vtp_streetType":"CSS_SELECTOR","vtp_autoPhoneEnabled":false,"vtp_postalCodeType":"CSS_SELECTOR","vtp_emailValue":"","vtp_firstNameValue":"","vtp_s

                                                                                                                              Chrome Cache Entry: 287

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:HTML document, ASCII text, with very long lines (926), with no line terminators
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):926
                                                                                                                              Entropy (8bit):5.61558481400303
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:8FF448C7E86F6815153A5731FFF0CC18
                                                                                                                              SHA1:DECEE112A0C5380C63E977911ACB09007CA10FEB
                                                                                                                              SHA-256:1B588EFA122799135E5EFF116AB1083581AF49052214345FF64A7F9F74C68BCD
                                                                                                                              SHA-512:A8F89DFA2C51C41010C337656FDB9CB90D2DA0685AB13A1F4A1C5375568310E1FD77F9C166B4146AC9EB32D4E7B8E7908EB94E178C75CF4DC760EA04E996411C
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://4711400.fls.doubleclick.net/activityi;dc_pre=CJGzjpDqjYkDFXmDgwcdnnYLSQ;src=4711400;type=globa0;cat=avast0;ord=1;num=5845060352937;npa=0;auiddc=1273320310.1728907433;u2=Product;u7=www.avast.com%2Fen-us%2Flp-safe-emailing;u8=;u17=link;ps=1;pcor=1310711367;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132;uamb=0;uam=;uap=Windows;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a90v9181661103za200zb868619592;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101529665~101671035~101686685;epver=2;~oref=https%3A%2F%2Fwww.avast.com%2Fen-us%2Flp-safe-emailing%3Ffull_trSrc%3Dmmm_ava_esg_000_361_m%26utm_medium%3Demail%26utm_source%3Dlink%26utm_campaign%3Dsig-email%26utm_content%3Dwebmail?
                                                                                                                              Preview:<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><title></title></head><body style="background-color: transparent"><img src="https://adservice.google.com/ddm/fls/z/dc_pre=CJGzjpDqjYkDFXmDgwcdnnYLSQ;src=4711400;type=globa0;cat=avast0;ord=1;num=5845060352937;npa=0;auiddc=*;u2=Product;u7=www.avast.com%2Fen-us%2Flp-safe-emailing;u8=;u17=link;ps=1;pcor=1310711367;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132;uamb=0;uam=;uap=Windows;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a90v9181661103za200zb868619592;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101529665~101671035~101686685;epver=2;~oref=https%3A%2F%2Fwww.avast.com%2Fen-us%2Flp-safe-emailing%3Ffull_trSrc%3Dmmm_ava_esg_000_361_m%26utm_medium%3Demail%26utm_source%3Dlink%26utm_campaign%3Dsig-email%26utm_content%3Dwebmail"/></body></html>

                                                                                                                              Chrome Cache Entry: 288

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:JSON data
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):77
                                                                                                                              Entropy (8bit):4.688021768582717
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:CFAFCB60E5814A03F9911CD87FF35C4D
                                                                                                                              SHA1:E6DE56D0B3FA91A822B6A89EBD9977DCD5AC6740
                                                                                                                              SHA-256:CEC1380E2283F70909874CA4BEA4668B98E51564EA980FA5C6099B495225DBA5
                                                                                                                              SHA-512:BA968396FD5F07F3B70460B3BED7EBC64E72103072E545B8A6AD7E4E762E96891110CD110D3A0CA935ACF7E0391D64FE39CFAA25C7AD5CAEB91BFCF101ECCB8D
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:{"timestamp":1728907441417,"message":"Request method 'GET' is not supported"}

                                                                                                                              Chrome Cache Entry: 289

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:Unicode text, UTF-8 text, with very long lines (32052)
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):82590
                                                                                                                              Entropy (8bit):5.417381419496569
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:D26054658A8488325C5AF1A487B57954
                                                                                                                              SHA1:8E869E758322F6103043C74D8FBFD684E987050B
                                                                                                                              SHA-256:C23B64EC1D247DECF690A9956DCF4073412883F0028346C452B0D9F77DCE6352
                                                                                                                              SHA-512:F65C48DBA0C35AC10E7F29C8CEE52FC279732BDD8F6A66579CB4D445BE04F9D0C9B4FA85B44B970082CA07B04A3CDAC1BA1220735CBC56038F691A1D50944896
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://www.nortonlifelock.com/content/dam/norton-adobe-analytics/prod/s_code_norton_min.js
                                                                                                                              Preview:/*! Norton - v1.0.2 - 2024-07-15 */function s_doPlugins(a){try{_numeric_.utils.strangeTrafficExclude();var b=localStorage.getItem("strangeTrafficExclude");b&&(a.abort=!0)}catch(c){}var d=a.linkURL;if(void 0!==typeof a.linkType&&"d"==a.linkType&&"string"==typeof d){a.pageName&&a.pageName.match(/avira:(.*):downloads:free-products/gi)&&d.match(/(avira_)(.*_)(sptl1_)(.*)(__.*\.exe)/gi)&&(a.linkURL=d=d.replace(/(avira_)(.*_)(sptl1_)(.*)(__.*\.exe)/gi,"$1$2$3$5")),a.events="event1";var e=d.split("/"),f=e[e.length-1],g=f.substr(f.lastIndexOf(".")+1).toLowerCase();a.eVar1="D=c33",a.prop33=d,a.prop46=g,a.prop47="download",a.prop48=f,a.eVar49="D=c48",a.linkTrackVars="events,prop2,prop33,prop41,prop46,prop47,prop48,prop49,prop59,eVar1,eVar18,eVar27,eVar41,eVar48,eVar49,eVar59",a.linkTrackEvents="event1"}else void 0!==typeof a.linkType&&"e"==a.linkType&&(a.linkTrackVars="None",a.linkTrackEvents="None");a.eVar47="s_code_norton "+s_code_file_modified_date,a.prop21=a.getQueryParam("inid"),!a.prop21&&

                                                                                                                              Chrome Cache Entry: 290

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with very long lines (31962)
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):55477
                                                                                                                              Entropy (8bit):5.294822498922847
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:8EEA0CF7554C1E9467CCE387FE39B3EF
                                                                                                                              SHA1:DBB17E8B6B82830EF2F117269B15230CE91A1681
                                                                                                                              SHA-256:AE93FB2C73B6F5CE89630763B7A1EFD671B9226F366B6121C47AEBD95BFF0F25
                                                                                                                              SHA-512:9671AC8348D57D482309CE5E29DAAC6857C82C60FC7FF5088161DFD02C66E9DDD76D8E7E0AF9C86C739BC1F0136D529B0789E4CC71811A7DBC3F7D851A7E3930
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:function loadEmailForm(a){var b="/"+avastGlobals.web.locale;switch(avastGlobals.web.locale){case"en-ww":case"ja-jp":case"ru-ru":case"uk-ua":b=""}fetch("https://"+avastGlobals.web.domain+b+"/email-capture-form",{headers:{Accept:"application/json","X-Requested-With":"XMLHttpRequest"}}).then(function(a){return a.text()}).then(function(b){var c=document.querySelector("#email-capture .modal-body");c.innerHTML=b,c.querySelector("#thank-page").classList.add("d-none"),c.querySelector("#session-note").classList.add("d-none"),c.querySelector("#frm-captcha")&&c.querySelector("#frm-captcha").setAttribute("placeholder",c.querySelector("#form-body").getAttribute("data-code")),a!==undefined&&c.querySelector("#frm-captcha").setAttribute("message",a),initAvastForm()})["catch"](function(a){/captcha/.test(a)&&(document.querySelector("#email-capture #form-body").classList.add("d-none"),document.querySelector("#email-capture #thank-page").classList.add("d-none"),document.querySelector("#email-capture #sess

                                                                                                                              Chrome Cache Entry: 292

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:Unicode text, UTF-8 text, with very long lines (50522), with no line terminators
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):50523
                                                                                                                              Entropy (8bit):5.297134171375771
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:14272A6CDF99BDC079B8EC8097889F49
                                                                                                                              SHA1:2343F9F1D29F3B034F3B8FFB7A92BFFD98A88450
                                                                                                                              SHA-256:73AAA4E6BFC1DBED5F3F934710D1ADA545F4068742235E59D0CB74F0EAF0A3C4
                                                                                                                              SHA-512:BD83B900ACBFB123F485F46DE1692710B7C77DE90739CA3CFAB7A58CF3B71FCD9D97FCCEC6762528886C57A41F101574209F65B2BEF745613F0BCB7D196200A5
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://bat.bing.com/bat.js
                                                                                                                              Preview:function UET(o){this.stringExists=function(n){return n&&n.length>0};this.domain="bat.bing.com";this.domainCl="bat.bing.net";this.URLLENGTHLIMIT=4096;this.pageLoadEvt="pageLoad";this.customEvt="custom";this.pageViewEvt="page_view";o.Ver=o.Ver!==undefined&&(o.Ver==="1"||o.Ver===1)?1:2;this.uetConfig={};this.uetConfig.consent={enabled:!1,adStorageAllowed:!0,adStorageUpdated:!1,hasWaited:!1,waitForUpdate:0,enforced:!1};this.uetConfig.tcf={enabled:!1,vendorId:1126,hasLoaded:!1,timeoutId:null,gdprApplies:undefined,adStorageAllowed:undefined,measurementAllowed:undefined,personalizationAllowed:undefined};this.uetConfig.cusig={hasLoaded:!1,timeoutId:null,blob:{}};this.beaconParams={};this.supportsCORS=this.supportsXDR=!1;this.paramValidations={string_currency:{type:"regex",regex:/^[a-zA-Z]{3}$/,error:"{p} value must be ISO standard currency code"},number:{type:"num",digits:3,max:999999999999},integer:{type:"num",digits:0,max:999999999999},hct_los:{type:"num",digits:0,max:30},date:{type:"regex",

                                                                                                                              Chrome Cache Entry: 293

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):8
                                                                                                                              Entropy (8bit):2.5
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:402E7A087747CB56C718BDE84651F96A
                                                                                                                              SHA1:7CE01F6381463362CF6AEF2F843A59261E8F5587
                                                                                                                              SHA-256:662EFAF46C617DDBCB8FF4A2A8F64CFFD3D93630F1003F8E66511F369B87730F
                                                                                                                              SHA-512:5080D776D0B123F20E97D44472EF2343BC022105AA67FC802B71668BAEB74A81530355589D50B1142165D17EF995AEAC196B6C15136D518A1EC0ABFA13C91D10
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://8-46-123-33_s-2-16-164-88_ts-1728907439-clienttons-s.akamaihd.net/eum/results.txt
                                                                                                                              Preview:Success!

                                                                                                                              Chrome Cache Entry: 296

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:Web Open Font Format (Version 2), TrueType, length 20380, version 1.131
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):20380
                                                                                                                              Entropy (8bit):7.9917391274857446
                                                                                                                              Encrypted:true
                                                                                                                              SSDEEP:
                                                                                                                              MD5:53E1D69438CDD1D1F14394539A80E625
                                                                                                                              SHA1:21CFA22D0DE9907DFCCA0220D4678A7CCE58D922
                                                                                                                              SHA-256:C18B8A1FF97ECF28C4FD06BB2424188166116BC36FE87759CF8395FD2DF114BB
                                                                                                                              SHA-512:B01C6C5DD7C8BC8CFBCB8C845F17EDD8EA629A238C9D2AED07011557E701CEA8DCBA2353E31B97AA1B5AE1D964898EAC27B756187E6931FBF37A9619B5551BF3
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://static3.avast.com/10003956/web/o/f/800/MierB03-SubsetEng-ExtraBold.woff2
                                                                                                                              Preview:wOF2......O...........O8..........................n...R..(.`..D..v........|..+.6.$..$..... ..\. ..z....6.z.......;.!l...d'...a..6........j.!....Z.y..dTj..A;%.B..:..)...\.h..e>...X#.........k....h)..4..s..q9<.2.x8L..`R.b.#Uy`.t`..7....}.8..G....0..E`...:I......_..{...!./.:...&..c*.'1...H...E:.Z}Q.......Z.>..I.8.C.).&W...._9.=...w..)...DI..D.`.*..X.F....l."......=...1..O..-..$S.@..<.....O......._....I..{..vfvO....k.R..t...H.v.5!...}..p.....c.....i.m..K..D.R. ..J_#Q..&.T. ..&F..#.^u0.T].4..'........$.....:..g.ye.}..;....'o\Dp...w.n.......?.4..........T@.I...(5n.9.mzr.*U....@..3..P.e).........NY|......LS.Lk.a[y..jD.......d.J...l.1.+....f..;..v.....:.....U4`r.E.M3....{o....%...X,(....b.i.P_;..... ...2.M3('J.....r.h\t..c.t.r.rY.}a.OO.X.`A..A.~.^&>..2.j......-....V$...nT........W...."... u.h \..K#D.t...cL...1..y !~.q......f.d.7>.....W.d.GDRDN.h."q......G.$ I...)H.!H..$K6...H.".m8.U..0.7.$..Sq3T....5..@5.V..A#.Y'.(.....Y.[b.n...2.p+..=.Q..IA..

                                                                                                                              Chrome Cache Entry: 297

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:JSON data
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):4760
                                                                                                                              Entropy (8bit):5.134366289913247
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:030F7E7CEB148D11E84519535F77DD28
                                                                                                                              SHA1:6B28BEB11464D368E5134C7409D326CCA9498097
                                                                                                                              SHA-256:2A69FA40DF3BB8AC5308A08D1926CA2EF336C64D5B567057D879F3CA10B4E236
                                                                                                                              SHA-512:3629BF16D8010056F4F01DEADABAA64FB76798B7647CAB07E90456EF366F17F884D3C53F70E803E51BC0EB76DFEBD1A037BFD06B435CA06F4A4C402E9FA6BAD9
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:{"h.key":"9K3EU-JY7U6-TD3RC-2KCEC-AH4A8","h.d":"avast.com","h.t":1728907436573,"h.cr":"994737b9b8025df95ecb39e020dbb9aba684beff-fc2eda42-f3212ea","session_id":"7ff56e03-7364-4fa6-a264-2b4c2b8c6086","site_domain":"avast.com","beacon_url":"//684dd325.akstat.io/","autorun":true,"strip_query_string":true,"beacon_interval":60,"BW":{"enabled":false},"RT":{"session_exp":1800},"ResourceTiming":{"enabled":true,"splitAtPath":true},"Continuity":{"enabled":true,"waitAfterOnload":3000},"PageParams":{"xhr":"none","pageGroups":[{"type":"Regexp","parameter1":"https?://www.(avast|avg).(ru|ae|co.jp|com)/([\\w]{2})-([\\w]{2})/privacy-policy","parameter2":"Privacy Policy","on":["navigation"]},{"type":"Regexp","parameter1":"https?://www.(avast|avg).(ru|ae|co.jp|com)/privacy-policy","parameter2":"Privacy Policy","on":["navigation"]},{"type":"Custom","parameter1":"dataLayer[0].pageGroup","on":["navigation"]},{"type":"Custom","parameter1":"dataLayer[1].pageGroup","on":["navigation"]},{"type":"Custom","paramet

                                                                                                                              Chrome Cache Entry: 300

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with very long lines (1054)
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):1104
                                                                                                                              Entropy (8bit):5.266755055012912
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:9C64B9822379D47CE035A6AF336F3BB3
                                                                                                                              SHA1:11B74352A62B992AA475BF4E32D9F81144A5540F
                                                                                                                              SHA-256:006ED2C4740ACCC90527119D5924424935D1724A723AEF381CCC5050E7BB1B00
                                                                                                                              SHA-512:37206BB24D77604DF47E548F91EA9CE80676349655BFB217600606532727E2296C3E600E90F827DA13D71199FA272474B5B875521473A2712FB121A66FB7F0E5
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://static3.avast.com/10003956/web/c/v2/avast/pages/lp-safe-emailing.css
                                                                                                                              Preview:#hero{background-image:url("../../../../i/v2/aim/bg/lp-safe-emailing/hero@2x.jpg?width=576&fcwidth=1152");background-repeat:no-repeat;background-size:cover}@media (min-width: 576px){#hero{background-image:url("../../../../i/v2/aim/bg/lp-safe-emailing/hero@2x.jpg?width=576&fcwidth=1152&fcheight=2000")}}@media (min-width: 768px){#hero{background-image:url("../../../../i/v2/aim/bg/lp-safe-emailing/hero@2x.jpg?width=768&fcwidth=1536&fcheight=2000")}}@media (min-width: 992px){#hero{background-image:url("../../../../i/v2/aim/bg/lp-safe-emailing/hero@2x.jpg?width=992&fcwidth=1984&fcheight=2000")}}@media (min-width: 1280px){#hero{background-image:url("../../../../i/v2/aim/bg/lp-safe-emailing/hero@2x.jpg?width=1280&fcwidth=2560&fcheight=2000")}}@media (min-width: 1366px){#hero{background-image:url("../../../../i/v2/aim/bg/lp-safe-emailing/hero@2x.jpg?width=1366&fcwidth=2732&fcheight=2000")}}@media (min-width: 1600px){#hero{background-image:url("../../../../i/v2/aim/bg/lp-safe-emailing/hero@2x.j

                                                                                                                              Chrome Cache Entry: 304

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with very long lines (5945)
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):270279
                                                                                                                              Entropy (8bit):5.572224404610152
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:F2CA63F6AC06C368DF53D4155914DA6B
                                                                                                                              SHA1:EF9BC3CEB3F80A11110C07666AAA2BF8FF2EB089
                                                                                                                              SHA-256:84EC2719BE76DBBEE8E47A325A4A32117053460775ABBE1480F011C8F3EB3A12
                                                                                                                              SHA-512:2A18819751F3A3EE5732003CA84E7F4C6049560110803B45257BCF7381A0C8DFC6913077FC5FC366B1FCC14D72EC4CF674A115C1B2EB38F2FFB866A8210B5CD0
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://www.googletagmanager.com/gtag/js?id=G-EHN06THR2Y&l=dataLayer&cx=c
                                                                                                                              Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"5",. . "macros":[{"function":"__e"},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_auto_events","priority":16,"vtp_enableScroll":false,"vtp_enableOutboundClick":false,"vtp_enableDownload":false,"vtp_enableHistoryEvents":false,"vtp_enableForm":false,"vtp_enableVideo":false,"vtp_enablePageView":true,"tag_id":10},{"function":"__ogt_cross_domain","priority":16,"vtp_rules":["list","avast\\.co\\.jp","avast\\.ua","avast\\.ru"],"tag_id":12},{"function":"__ogt_1p_data_v2","priority":6,"vtp_isEnabled":false,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":t

                                                                                                                              Chrome Cache Entry: 305

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with very long lines (65316)
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):357772
                                                                                                                              Entropy (8bit):5.554735829256767
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:74685C6B67511F042F4C4FAB2786437E
                                                                                                                              SHA1:ADC022A26829673FF574849181D60BC252AD9664
                                                                                                                              SHA-256:3F16D5DD00214426E3195A0F6ACD13EA61ED0DA4007C1BF7477D5F93B36FAD58
                                                                                                                              SHA-512:A8175F640FB65BE0690C4888362B994DC0C9A6CF49B672454BFEDAB1DF29114590E8E4ACBA3252A1046D438CAFFE85BAC8D055450DEF70DC29C0711768CC2F82
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://www.googletagmanager.com/gtm.js?id=GTM-WPC6R3K&l=sdl
                                                                                                                              Preview:.// Copyright 2012 Google Inc. All rights reserved.. . (function(w,g){w[g]=w[g]||{};. w[g].e=function(s){return eval(s);};})(window,'google_tag_manager');. .(function(){..var data = {."resource": {. "version":"120",. . "macros":[{"function":"__e"},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"error.message"},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"error.type"},{"function":"__u","vtp_component":"HOST","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__jsm","vtp_javascript":["template","(function(){var a=\"G-12345678\",b=window.location.hostname,c=window.location.pathname;if(\/\\.avast\\.(com|ua|ru|co\\.jp)\/.test(b))a=\"G-WZQ6MQ6RF3\";else if(\/.avg.com\/.test(b))a=\"G-0DKJC5WS6X\";else if(\/.checkout-(stage|dev).avast.com\/.test(b)||0===c.indexOf(\"\/www.avast.com\"))a=\"G-PWZC03G2WC\";else if(\/.checkout-(stage|dev).avg.com\/.test(b)||0===c.indexOf(\"\/www.avg.com\"

                                                                                                                              Chrome Cache Entry: 307

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:GIF image data, version 89a, 30 x 30
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):23428
                                                                                                                              Entropy (8bit):7.305620823779635
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:7831E2F65B70043CB580CFDA4B9327F8
                                                                                                                              SHA1:F08F80F7BE8BEE3728BFD5F77AABD10646CC8430
                                                                                                                              SHA-256:94089202BEC0ECC1B91B2F8A812B0F833D01345CEBC2BF1A82041BB0D6FB83C1
                                                                                                                              SHA-512:C0A151F360B586D0A3D06AFAFAAB42E240DBD540D4E1D66B2C066A65A24DA0DEA3ED3B470EDF161D9BFB91CD8DB8E6DCE8420447380F8E9F982F6DB553AE4E81
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://static3.avast.com/10003956/web/i/v2/components/icons/others/spinner-dark.gif
                                                                                                                              Preview:GIF89a............*..*..*..*..*..*..+..+..+..+..+..+..*..*..*..*..*..*..)..). ).!).!(."(."(."'.#'.#'.$'.%'.%'.%& && &&!&&"&&"&&#'&$'&$'&%(%&(%&(%'(%))%*)$,*$/+#2,#6."9/";0!>1!@1!B2 C3 D3 D3 E4 F4.G4.I5.L6.O7.S9.X:.[<._=.b>.d?.e?.g@.jA.lB.nB.oC.pC.rD.sE.uE.xF.{G..H..I..J..J..K..M..O..Q..R..S..U..U..V..V..X..Y..[..]..^.._..`..`..a..a..a..c..d..f..i..k..k..l..l..l..m..m..m..m..m..n..n..o..p..r..s..t..u..v..w..w..w..w..w..w..w..w..w..w..w..x..x..x..y..z..}..1.I..e...........................................................................................................................................................................................................................................................................................................................!..NETSCAPE2.0.....!.......,...............H.......x.....b...3...]$J.r.`...5j..c...&..9.D...n..hS....*...r..H'....z.`..H..<"F...}....P...i. .#...I..i....6..TyB6!.8}..H7.(J..@.../..T.A.......,.n..*,.T..q..%...x...

                                                                                                                              Chrome Cache Entry: 308

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with very long lines (522)
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):560
                                                                                                                              Entropy (8bit):5.013745794906588
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:461562BD94A1F7A5082C6D0BE671839A
                                                                                                                              SHA1:2D8C49D1DF6CB9B296371D7900B954E68CE0BCF1
                                                                                                                              SHA-256:0758A0F5B7FEC4E8A57359EFBE094C4E8222E8DA7DEAAAE88EA2B560F511AF10
                                                                                                                              SHA-512:CA8E1D664EC2E3EE972D95690A607CD1EC3DC952AE7EE9D56AD57F20A3259F3A4E866179BFEC7582DDDCF7145C551D486FAE34614FDD234B17744E44C98BF7B9
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:!function(){"use scrict";function a(a,b){"function"==typeof trackCustomDownload&&trackCustomDownload(a,b,"")}document.querySelectorAll('[data-role="download-link"]').forEach(function(b){b.addEventListener("click",function(){a(this.href,this.getAttribute("data-download-name"))})}),window.addEventListener("actionbox-updated",function(b){b.detail.element.querySelectorAll('[data-role="download-link"]').forEach(function(b){b.addEventListener("click",function(){a(this.href,this.getAttribute("data-download-name"))})})})}();.//# sourceMappingURL=aa-helper.js.map

                                                                                                                              Chrome Cache Entry: 311

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:SVG Scalable Vector Graphics image
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):26798
                                                                                                                              Entropy (8bit):4.329178043120524
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:4F9AA794D351AB075B5A5F807694061E
                                                                                                                              SHA1:AB88ED1DAD41E92970D60A3394C94041BBEE2BD1
                                                                                                                              SHA-256:BA6A509DB0F516222159DFEA4333B02D892238D7055EF287F3EEEBC2311FE17A
                                                                                                                              SHA-512:D8861794A51142C75A1A3198C592295172D363E5AD8303C16FFEE1E417E77C07105D8E2518F57B521B3E0C35AAC7D58091AC59C029395DAC6E6A00E3C0D53E77
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:<svg width="624" height="184" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M2.614 12.045h18.749m0 0l-6.511-5.737m6.511 5.737l-6.511 5.737M332 96.4v-5.2m0-2.5v-1.1m9 4.4c0-4.936-4.055-9-9-9-4.91 0-9 4.095-9 9 0 4.9 4.1 9 9 9 4.936 0 9-4.069 9-9z" stroke="#071D2B" stroke-width="1.2" stroke-linecap="round" stroke-linejoin="round"/><path d="M369.398 128.259l-.307.515 1.03.615.307-.515-1.03-.615zm3.044 7.395a.6.6 0 00-1.2 0h1.2zm-1.2.874a.6.6 0 101.2 0h-1.2zm1.911-4.989l-.351-.487.351.487zm.334-1.823c0 .55-.269 1.036-.685 1.336l.702.974a2.844 2.844 0 001.183-2.31h-1.2zm-1.645-1.644c.908 0 1.645.736 1.645 1.644h1.2a2.844 2.844 0 00-2.845-2.844v1.2zm-.6 5.289v.4h1.2v-.4h-1.2zm-.814-4.487a1.645 1.645 0 011.414-.802v-1.2c-1.04 0-1.948.557-2.444 1.387l1.03.615zm.814 6.78v.874h1.2v-.874h-1.2zM372 123.6c4.613 0 8.4 3.795 8.4 8.4h1.2c0-5.267-4.323-9.6-9.6-9.6v1.2zm8.4 8.4c0 4.6-3.796 8.4-8.4 8.4v1.2c5.267 0 9.6-4.337 9.6-9.6h-1.2zm-8.4 8.4c-4.569 0-8.4-3.831-8.4-8.4h-1.2c0 5.232 4.368 9.

                                                                                                                              Chrome Cache Entry: 313

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:SVG Scalable Vector Graphics image
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):27305
                                                                                                                              Entropy (8bit):4.331453617416263
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:BBF3434B0B1532EB7564BDDDBADF606F
                                                                                                                              SHA1:9803D0C2E33255120B289629C1AF890834D1A373
                                                                                                                              SHA-256:DF7B757CEBEDAE364F40D0C0C87B10DCD1440732C8FF1055ECA26D24F57A4C4B
                                                                                                                              SHA-512:276F84ED01492DD34DE1BB77306CFEDED6674A9BC5EC9AB0831B6F4C90BE2837C8D3EE158E8ABEF34CACC33C373E3DC0D17DBF6D32EF09756DBFA04E6AB9C9BE
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:<svg width="752" height="224" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M3.521 15.98h25m0 0l-8.683-7.65m8.682 7.65l-8.681 7.65m56.64-7.61h-25m0 0l8.682 7.65m-8.681-7.65l8.681-7.65M160.021 5v22m0 0l7.649-8.682M160.021 27l-7.65-8.682M112.021 27V5m0 0l7.649 8.682M112.021 5l-7.65 8.682" stroke="#071D2B" stroke-width="1.2" stroke-linecap="round" stroke-linejoin="round"/><path d="M57.5 121.6c-.7 0-1.234-.217-1.6-.65-.4-.4-.6-.917-.6-1.55 0-1.2.783-2.533 2.35-4 1.666-1.567 3.766-2.35 6.3-2.35 2.533 0 4.616.783 6.25 2.35 1.6 1.467 2.4 2.8 2.4 4 0 .6-.183 1.083-.55 1.45-.334.467-.8.717-1.4.75H57.5zm6.45-11.5c1.2 0 2.233-.433 3.1-1.3.833-.833 1.25-1.833 1.25-3 0-1.2-.417-2.217-1.25-3.05-.867-.9-1.9-1.35-3.1-1.35-1.2 0-2.234.45-3.1 1.35-.834.833-1.25 1.85-1.25 3.05 0 1.167.416 2.167 1.25 3 .866.867 1.9 1.3 3.1 1.3z" stroke="#071D2B" stroke-width="1.2"/><path d="M25.05 112.1v7.55a1.8 1.8 0 01-1.8 1.8h-4.9v-7.55h-4.6v7.55h-4.9a1.8 1.8 0 01-1.8-1.8v-7.55m-1.95-1.5l9.087-9.087a2.6 2.6 0

                                                                                                                              Chrome Cache Entry: 314

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:PNG image data, 767 x 554, 8-bit/color RGBA, non-interlaced
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):42182
                                                                                                                              Entropy (8bit):7.942215223817182
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:0495ED911DB87B4B70E903CC0C767B62
                                                                                                                              SHA1:892D8723110EB6BD968ED6DAEC2333EF65C8EAB3
                                                                                                                              SHA-256:F30E5E82C17BF012ECC031776338D2B97CC2058382EDE138EF97CB35774219D2
                                                                                                                              SHA-512:4D9D447E1C4A89F8A74BA477961C539CB3372E0B338C4B39B4B794CF66120FA2A3214B923781B5A9D43A2F3EEC1F8E1C12EE9836D60179B4C088CEB123A9A065
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:.PNG........IHDR.......*.......%.....orNT..w.....IDATx...]lc.'...w.*..W...4.R..Hj..9.f!.{{......MZ....bM. .(.f.dl....>..A...p..R]%q...7s.dR.3.>.9v.%i/.....w..{.nU..}r...E}.>H.~..@....TIz.w=.............l..U....Z.....e.CDD4(.v.DDW.'.L&.*yG.k..q.M..E..T...}>4.j;.j;.*..V...H...H.i...... .....&...".iqb.:NA4....0."..<T\....I..V....jC.RE."ZU.....J.....xb.OD...}..l6.....cnB...w...Yy..j.....D.........R.........].....$.|... .C.p.DY.....J;...}i A(...@...V.....Jk|.w.Y.Y.mi...*.j.4I.U.+.|...Z.L...k..b..rP@DD..."....w.....u.p.3..K'..*T*.....S.A5J..........[.....q.MU./?@.@..U.(.~.....tb.ODW.D.../.H...Nh*......F._.....5V...a.3......w@.......&".hL....v|......3..hA/.t..|k.UL5......|.w[......].k...[..."........|.....|....k."....q2e4..NZ....F..A....q>;.Z....._Z.V....i.."".<&.Dt...;.U...`t.\Ib...D.|.~#.:..........H.......Txg..h.0.'"..n.V4.."*.A...@..X...e'|[f.?........0..s..h...6..m...A...hc.O4.v|.n..`LT.s.o.../..J.uXa.?....(.(.......PV._......DD...?..yQ....|.

                                                                                                                              Chrome Cache Entry: 318

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:JSON data
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):9507
                                                                                                                              Entropy (8bit):5.3592270038592424
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:4D67D7FCE83E8D073C84E4D5B5936E71
                                                                                                                              SHA1:E02711957EA1C637BE41485526C65E4B56C55FD3
                                                                                                                              SHA-256:1DA25CF82F065474AADCE40A8C7369F6DF48E1847CB95C21BD9083488EFF7390
                                                                                                                              SHA-512:1E9D7565BEF92D1C2DA126245D6392176D29A4BE7F1B4623FB367B4C345AA5381EB9022ECD3317CC946B48E2AF89073C80EDCEE0FC121073C88643B191D8E4D0
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:. {. "name": "otCenterRounded",. "html": "PGRpdiBpZD0ib25ldHJ1c3QtYmFubmVyLXNkayIgY2xhc3M9Im90Q2VudGVyUm91bmRlZCI+PGRpdiBjbGFzcz0ib3Qtc2RrLWNvbnRhaW5lciIgcm9sZT0iYWxlcnRkaWFsb2ciIGFyaWEtZGVzY3JpYmVkYnk9Im9uZXRydXN0LXBvbGljeS10ZXh0Ij48ZGl2IGNsYXNzPSJvdC1zZGstcm93Ij48ZGl2IGlkPSJvbmV0cnVzdC1ncm91cC1jb250YWluZXIiIGNsYXNzPSJvdC1zZGstdHdlbHZlIG90LXNkay1jb2x1bW5zIj48ZGl2IGlkPSJvbmV0cnVzdC1wb2xpY3kiPjxkaXYgY2xhc3M9ImJhbm5lci1oZWFkZXIiPjxkaXYgY2xhc3M9ImJhbm5lcl9sb2dvIj48L2Rpdj48L2Rpdj48aDIgaWQ9Im9uZXRydXN0LXBvbGljeS10aXRsZSI+VGl0bGU8L2gyPjxwIGlkPSJvbmV0cnVzdC1wb2xpY3ktdGV4dCI+dGV4dDxhIGhyZWY9IiMiPnBvbGljeTwvYT48L3A+PGRpdiBjbGFzcz0ib3QtZHBkLWNvbnRhaW5lciI+PGgzIGNsYXNzPSJvdC1kcGQtdGl0bGUiPjwvaDM+PGRpdiBjbGFzcz0ib3QtZHBkLWNvbnRlbnQiPjxwIGNsYXNzPSJvdC1kcGQtZGVzYyI+PC9wPjwvZGl2PjwvZGl2PjwvZGl2PjxkaXYgaWQ9ImJhbm5lci1vcHRpb25zIj48ZGl2IGNsYXNzPSJiYW5uZXItb3B0aW9uIj48YnV0dG9uIGFyaWEtZXhwYW5kZWQ9ImZhbHNlIiBjbGFzcz0iYmFubmVyLW9wdGlvbi1pbnB1dCI+PHNwYW4gY2xhc3M9ImJhb

                                                                                                                              Chrome Cache Entry: 319

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with very long lines (507)
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):564
                                                                                                                              Entropy (8bit):5.211791505557494
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:6F297628D16D290B8E7ABBA6E0D14418
                                                                                                                              SHA1:CBD26C2F89D8B20B59C3207C194E02AAE4129A6B
                                                                                                                              SHA-256:004117AAECBA073980EDE51093E287A9F1C91A1B55B23795A4FD5443AD1294B6
                                                                                                                              SHA-512:B07B3E87964B20982F0BE0976761A08F9527CE05C0F272569A5CA87545C2FA698B62C0894D62FF95DC063FB2C8EDC4ACFC61CFA9C5CEAAC378E88A6AEB34773E
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://static3.avast.com/10003956/web/j/lp/lp-safe-emailing-gloweb-8807.js
                                                                                                                              Preview:(function(){"use strict";function a(){"undefined"!=typeof avastGlobals.client&&(window.location.href="lp-safe-emailing-win-browser?brcmpgid=6306")}window.addEventListener("clientLoaded",function(){a()}),a()})(),function(){"use strict";var a=(avm.require("jquery"),"undefined"!=typeof window.avastGlobals?window.avastGlobals:{}),b=a.detect;"undefined"!=typeof a.web&&(b.os.isAndroid||b.os.isIOS)?window.location.href="https://avast.sng.link/Dp3jo/4129/jvio":window.dataLayer.push({event:"notRedirected"})}();.//# sourceMappingURL=lp-safe-emailing-gloweb-8807.js.map

                                                                                                                              Chrome Cache Entry: 320

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:HTML document, ASCII text, with no line terminators
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):13
                                                                                                                              Entropy (8bit):2.7773627950641693
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:C83301425B2AD1D496473A5FF3D9ECCA
                                                                                                                              SHA1:941EFB7368E46B27B937D34B07FC4D41DA01B002
                                                                                                                              SHA-256:B633A587C652D02386C4F16F8C6F6AAB7352D97F16367C3C40576214372DD628
                                                                                                                              SHA-512:83BAFE4C888008AFDD1B72C028C7F50DEE651CA9E7D8E1B332E0BF3AA1315884155A1458A304F6E5C5627E714BF5A855A8B8D7DB3F4EB2BB2789FE2F8F6A1D83
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://td.doubleclick.net/td/ga/rul?tid=G-WZQ6MQ6RF3&gacid=885632441.1728907436&gtm=45je4a90v894455947za200zb868619592&dma=0&gcs=G111&gcd=13v3v3v3v5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101671035~101686685&z=1865592803
                                                                                                                              Preview:<html></html>

                                                                                                                              Chrome Cache Entry: 321

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with very long lines (868)
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):907
                                                                                                                              Entropy (8bit):5.141172262392172
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:C2C5664B901FFFF97EB8947C31A48F25
                                                                                                                              SHA1:2839377375905B6A5F0F694FE03BBF28C97BA616
                                                                                                                              SHA-256:B0EF0E27A5C95C2F0B31ED806A81D3832BF6EDD849DE628C400C7009F4F03022
                                                                                                                              SHA-512:270B9BB8B8281913F73F569E1D7DF6B9F2C698591121976AF13D058746DA412F7E455A992C3E31C155DA128BD45DBC6CF3CC6F88B750B12DEA4D07F99FA676E7
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://static3.avast.com/10003956/web/c/v2/avast/local/en-us/local.css
                                                                                                                              Preview:@font-face{font-family:"MierB03";src:url("../../../../../o/f/400/MierB03-SubsetEng-Regular.woff2") format("woff2"),url("../../../../../o/f/400/MierB03-SubsetEng-Regular.woff") format("woff");font-style:normal;font-weight:400;font-display:swap}@font-face{font-family:"MierB03";src:url("../../../../../o/f/700/MierB03-SubsetEng-Bold.woff2") format("woff2"),url("../../../../../o/f/700/MierB03-SubsetEng-Bold.woff") format("woff");font-style:normal;font-weight:700;font-display:swap}@font-face{font-family:"MierB03";src:url("../../../../../o/f/800/MierB03-SubsetEng-ExtraBold.woff2") format("woff2"),url("../../../../../o/f/800/MierB03-SubsetEng-ExtraBold.woff") format("woff");font-style:normal;font-weight:800;font-display:swap}body{font-family:"MierB03", "Helvetica", "Arial", sans-serif}img[width="1"][height="1"].optanon-category-C0004{position:absolute;left:-100vw}../*# sourceMappingURL=local.css.map */

                                                                                                                              Chrome Cache Entry: 322

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:SVG Scalable Vector Graphics image
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):26075
                                                                                                                              Entropy (8bit):4.373872319729878
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:F2F5E2D15E4880710C6416C51393A38F
                                                                                                                              SHA1:3A66F0F8BDC994B597A44107D885B9481121336A
                                                                                                                              SHA-256:3E8207BDB63436BB44EEACF45FEEC9B145A411ACF42EB3AC972D9D7BB43DD83B
                                                                                                                              SHA-512:0B1D066D38F8565B8D468E1C1B0BD3BADF9DA02505F8FA1AAF72F5B8EB3108C826CD452BACBA1D4959DCEB548995A75F783D96A1DA757675CB3EC18553A3D709
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://static3.avast.com/web/i/v2/components/icons/sprites/icons-16.svg?v5
                                                                                                                              Preview:<svg width="496" height="144" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M1.75 8h12.5m0 0L9.5 3.75M14.25 8L9.5 12.25M301.45 8H296m0 0v5.45M296 8h-5.425M296 8V2.575M332 38l-3.53 3.441a.8.8 0 01-1.131-.014L324 38m-32 4l3.53-3.441a.8.8 0 011.131.014L300 42" stroke="#071D2B" stroke-width="1.2" stroke-linecap="round" stroke-linejoin="round"/><circle cx="424" cy="136" r="3" fill="#071D2B"/><path d="M201.371 68.133v-2.2m0 2.2h1.063a1.4 1.4 0 011.4 1.4v1.037m-2.463-2.437h-2.87m-4.633 2.437h2.2m0 0v-1.037a1.4 1.4 0 011.4-1.4h1.033m-2.433 2.437v2.9m2.433-5.337v-2.2m-4.633 7.537h2.2m0 0v.997a1.4 1.4 0 001.4 1.4h1.033m0 2.166v-2.166m0 0h2.9m2.433-2.397h2.167m-2.167 0v.997a1.4 1.4 0 01-1.4 1.4h-1.033m2.433-2.397v-2.9m2.167 0h-2.167m-2.433 5.297v2.166m-2.933-7.5h2.966v2.934h-2.966v-2.934zm-67.659 2.371V67.7a1.2 1.2 0 011.2-1.2h7.113a1.2 1.2 0 011.2 1.2v.229m-11.047 7.004h6.203m7.249.778h-4.809m4.809 0v-4.35a1.2 1.2 0 00-1.2-1.2h-2.409a1.2 1.2 0 00-1.2 1.2v4.35m4.809 0V76.8a1.2 1.2 0 01-

                                                                                                                              Chrome Cache Entry: 323

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with very long lines (11123)
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):21595
                                                                                                                              Entropy (8bit):4.996635198401547
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:487143B593B69C366E88F0D6F37A7521
                                                                                                                              SHA1:24C38C758BD6EC62B838E5E9FB4A3D7A9E2ACB17
                                                                                                                              SHA-256:8EDBD08B9BB87F815AD871E44AAE03AF609FC44B1961D608E94EFF3F4E010375
                                                                                                                              SHA-512:531294B797609050BBA3CB476A478E653D177BC09643C1E4C78CA38AD6401F1C6646F727D73A612C6A2CDA2086D5E33D8118AFE97FB1459FFBF42AD748DC4D76
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://cdn.cookielaw.org/scripttemplates/6.33.0/assets/otCommonStyles.css
                                                                                                                              Preview:#onetrust-banner-sdk{-ms-text-size-adjust:100%;-webkit-text-size-adjust:100%}#onetrust-banner-sdk .onetrust-vendors-list-handler{cursor:pointer;color:#1f96db;font-size:inherit;font-weight:bold;text-decoration:none;margin-left:5px}#onetrust-banner-sdk .onetrust-vendors-list-handler:hover{color:#1f96db}#onetrust-banner-sdk:focus{outline:2px solid #000;outline-offset:-2px}#onetrust-banner-sdk a:focus{outline:2px solid #000}#onetrust-banner-sdk #onetrust-accept-btn-handler,#onetrust-banner-sdk #onetrust-reject-all-handler,#onetrust-banner-sdk #onetrust-pc-btn-handler{outline-offset:1px}#onetrust-banner-sdk .ot-close-icon,#onetrust-pc-sdk .ot-close-icon,#ot-sync-ntfy .ot-close-icon{background-image:url("data:image/svg+xml;base64,PHN2ZyB2ZXJzaW9uPSIxLjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgeG1sbnM6eGxpbms9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkveGxpbmsiIHg9IjBweCIgeT0iMHB4IiB3aWR0aD0iMzQ4LjMzM3B4IiBoZWlnaHQ9IjM0OC4zMzNweCIgdmlld0JveD0iMCAwIDM0OC4zMzMgMzQ4LjMzNCIgc3R5bGU9ImVuYWJsZS1iYWNrZ3

                                                                                                                              Chrome Cache Entry: 324

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:Unicode text, UTF-8 text, with very long lines (29815)
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):29861
                                                                                                                              Entropy (8bit):5.311692723363734
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:E0E5C7B79DF9903CE778501236FDA0DB
                                                                                                                              SHA1:18BFDCFAA9BA2B8E774A7B1F2B6AEA3A4523BF14
                                                                                                                              SHA-256:06E662E50C3A5F724FEA59572C7B8B3CAADDED16260EF8D16BFC0843CE12507F
                                                                                                                              SHA-512:EE982EDFDEBB12E18F201AD6FDB4C7FB8C00233D987CFE28BAD4CBAC1CA9D9F25E289AD8CCF460959047E55CE90AC65B70EE835BC0EFEADBE62413F823102949
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:!function(a,b){"object"==typeof exports&&"undefined"!=typeof module?module.exports=b():"function"==typeof define&&define.amd?define(b):(a=a||self,a.BSN=b())}(this,function(){"use strict";function a(a,b){a.classList.add(b)}function b(a,b){a.classList.remove(b)}function c(a,b){return a.classList.contains(b)}function d(a,b,c,d){d=d||!1,a.addEventListener(b,c,d)}function e(a,b,c,d){d=d||!1,a.removeEventListener(b,c,d)}function f(a,b,c,f){d(a,b,function g(d){d.target===a&&(c(d),e(a,b,g,f))},f)}function g(a,b,c){var d=new CustomEvent(a+".bs."+b,{cancelable:!0});return d.relatedTarget=c,d}function h(a){this&&this.dispatchEvent(a)}function i(a,b){return[].slice.call(a.getElementsByClassName(b))}function j(a,b){var c=b||document;return a instanceof Element?a:c.querySelector(a)}function k(a){var b=G?window.getComputedStyle(a)[I]:0;return b=parseFloat(b),b="number"!=typeof b||isNaN(b)?0:1e3*b}function l(a,b){var c=0;k(a)?f(a,H,function(a){!c&&b(a),c=1}):setTimeout(function(){!c&&b(),c=1},17)}func

                                                                                                                              Chrome Cache Entry: 326

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with very long lines (65450)
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):130354
                                                                                                                              Entropy (8bit):5.369976186291253
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:2427DEF67CE3688BC0D39E330CDE71C7
                                                                                                                              SHA1:B569FF22EB59EE9234E12CF68126BFFA9276D51D
                                                                                                                              SHA-256:6333EF8BED1C7F976C43B2452046ABEE34C3EB6B13F2EF0EE41CB39F3BBD41E6
                                                                                                                              SHA-512:38E91726E9D7A7FC5837C9578B2114E68FF5D7EF00A2AD4BAFA926961FA601436C05BB034803A4D30E6189FB8B39660AAA2AC08D574341613AB6E1FCF06BDBD4
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://script.hotjar.com/modules.02161fb4f8ebb73fb3f8.js
                                                                                                                              Preview:/*! For license information please see modules.02161fb4f8ebb73fb3f8.js.LICENSE.txt */.!function(){var e={4788:function(e,t,n){"use strict";n.d(t,{s:function(){return r}});const r=Object.freeze({IDENTIFY_USER:"identify_user",AUTOTAG_RECORDING:"autotag_recording",TAG_RECORDING:"tag_recording",HEATMAP_HELO:"heatmap_helo",RECORDING_HELO:"recording_helo",REPORT_USER_ID:"report_user_id",MUTATION:"mutation",MOUSE_CLICK:"mouse_click",INPUT_CHOICE_CHANGE:"input_choice_change",KEY_PRESS:"key_press",MOUSE_MOVE:"mouse_move",RELATIVE_MOUSE_MOVE:"relative_mouse_move",CLIPBOARD:"clipboard",PAGE_VISIBILITY:"page_visibility",SCROLL_REACH:"scroll_reach",SCROLL:"scroll",SELECT_CHANGE:"select_change",VIEWPORT_RESIZE:"viewport_resize",SCRIPT_PERFORMANCE:"script_performance",REPORT_CONTENT:"report_content",INSERTED_RULE:"inserted_rule",DELETED_RULE:"deleted_rule"})},6939:function(e,t,n){"use strict";n.d(t,{f:function(){return f},W:function(){return g}});const r=Object.freeze({LIVE:"LIVE",REVIEW_WEBAPP:"REVI

                                                                                                                              Chrome Cache Entry: 327

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:C source, ASCII text, with very long lines (65098)
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):213725
                                                                                                                              Entropy (8bit):5.361679936162521
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:F1D54743DBCC9A03EB08F14D0DE65DA4
                                                                                                                              SHA1:16B96431016B503517462F0797901AD8DAC94481
                                                                                                                              SHA-256:4E973E1B8E6B798931086CF372B83E40C417E33C0922087DAD0EB2F89FA891AC
                                                                                                                              SHA-512:209CC5643F2EFEB7E0EDD8CF015FCFF122BC355FE89694650A0CE7761FA1B22284A26CE218FE6A5337E9DCA6F7704A7AE523B997413338FF98AE10FC54804736
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:/*. * Copyright (c) 2011, Yahoo! Inc. All rights reserved.. * Copyright (c) 2011-2012, Log-Normal, Inc. All rights reserved.. * Copyright (c) 2012-2017, SOASTA, Inc. All rights reserved.. * Copyright (c) 2017-2022, Akamai Technologies, Inc. All rights reserved.. * Copyrights licensed under the BSD License. See the accompanying LICENSE.txt file for terms.. */./* Boomerang Version: 1.766.0 c28975a504c1aa46de14fe358f4875ace2917401 */..BOOMR_start=(new Date).getTime();function BOOMR_check_doc_domain(e){if(window){if(!e){if(window.parent===window||!document.getElementById("boomr-if-as"))return;if(window.BOOMR&&BOOMR.boomerang_frame&&BOOMR.window)try{BOOMR.boomerang_frame.document.domain!==BOOMR.window.document.domain&&(BOOMR.boomerang_frame.document.domain=BOOMR.window.document.domain)}catch(t){BOOMR.isCrossOriginError(t)||BOOMR.addError(t,"BOOMR_check_doc_domain.domainFix")}e=document.domain}if(e&&-1!==e.indexOf(".")&&window.parent){try{window.parent.document;return}catch(t){try{document

                                                                                                                              Chrome Cache Entry: 328

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with very long lines (65455)
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):343588
                                                                                                                              Entropy (8bit):5.340863684621744
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:656A4FD9013F905080DEBDD038F06B94
                                                                                                                              SHA1:6843484EA4BE1A3415EA554BB8B7AAA6E311554A
                                                                                                                              SHA-256:0152531ECE5B19AA743208C31FD9F9284282BC97A2EC666DE5CF770A9AEEE0FA
                                                                                                                              SHA-512:B88FC90663AB1457ECCB18717AA6B1A9A4F5FB64C0C58A93D4B3DD62D0AC007176571719DB8BD999E679AFFC8F4105E581F983E0ECDF6A94A48B20D7600218F0
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:/** . * onetrust-banner-sdk. * v6.33.0. * by OneTrust LLC. * Copyright 2022 . */.!function(){"use strict";var o=function(e,t){return(o=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(e,t){e.__proto__=t}||function(e,t){for(var o in t)t.hasOwnProperty(o)&&(e[o]=t[o])})(e,t)};var v,e,r=function(){return(r=Object.assign||function(e){for(var t,o=1,n=arguments.length;o<n;o++)for(var r in t=arguments[o])Object.prototype.hasOwnProperty.call(t,r)&&(e[r]=t[r]);return e}).apply(this,arguments)};function l(s,i,a,l){return new(a=a||Promise)(function(e,t){function o(e){try{r(l.next(e))}catch(e){t(e)}}function n(e){try{r(l.throw(e))}catch(e){t(e)}}function r(t){t.done?e(t.value):new a(function(e){e(t.value)}).then(o,n)}r((l=l.apply(s,i||[])).next())})}function h(o,n){var r,s,i,e,a={label:0,sent:function(){if(1&i[0])throw i[1];return i[1]},trys:[],ops:[]};return e={next:t(0),throw:t(1),return:t(2)},"function"==typeof Symbol&&(e[Symbol.iterator]=function(){return this}),e;function t(t){

                                                                                                                              Chrome Cache Entry: 330

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with very long lines (39919)
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):353289
                                                                                                                              Entropy (8bit):5.581999505801583
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:3D1ECF6D89C2F3EED85264BBCC82ED2E
                                                                                                                              SHA1:CAD353B8364C1AD64D9D13DC57FC8FF00630AACD
                                                                                                                              SHA-256:E1DDFB24F43DE8C094ED72F8D9327D4A050DEB7C6630ED356C55C056A95DA92A
                                                                                                                              SHA-512:9BAD63B075C1F733F23020949FBC41216C20BD6FF2F53496D4328E9C29451FD8191F38490013B41BB6C378F0353083974D6471CC50382EC4673B7D217A8D1CD2
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://www.googletagmanager.com/gtm.js?id=GTM-PZ48F8
                                                                                                                              Preview:.// Copyright 2012 Google Inc. All rights reserved.. . (function(w,g){w[g]=w[g]||{};. w[g].e=function(s){return eval(s);};})(window,'google_tag_manager');. .(function(){..var data = {."resource": {. "version":"718",. . "macros":[{"function":"__u","vtp_component":"HOST","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__e"},{"function":"__u","vtp_stripWww":true,"vtp_component":"HOST","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__u","vtp_component":"PATH","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__u","vtp_component":"URL","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__remm","vtp_setDefaultValue":true,"vtp_input":["macro",4],"vtp_fullMatch":false,"vtp_replaceAfterMatch":false,"vtp_defaultValue":"false","vtp_ignoreCase":true,"vtp_map":["list",["map","key","\\\/hackcheck","value","true"],["map","key","\\.com(\\\/(en-(gb|u

                                                                                                                              Chrome Cache Entry: 335

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:GIF image data, version 89a, 1 x 1
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):42
                                                                                                                              Entropy (8bit):2.9881439641616536
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:D89746888DA2D9510B64A9F031EAECD5
                                                                                                                              SHA1:D5FCEB6532643D0D84FFE09C40C481ECDF59E15A
                                                                                                                              SHA-256:EF1955AE757C8B966C83248350331BD3A30F658CED11F387F8EBF05AB3368629
                                                                                                                              SHA-512:D5DA26B5D496EDB0221DF1A4057A8B0285D15592A8F8DC7016A294DF37ED335F3FDE6A2252962E0DF38B62847F8B771463A0124EF3F84299F262ED9D9D3CEE4C
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:GIF89a.............!.......,...........D.;

                                                                                                                              Chrome Cache Entry: 337

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with CRLF line terminators
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):370
                                                                                                                              Entropy (8bit):4.5969897580127865
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:1A3D9C26ABD53F99CDC041AB93BA02FA
                                                                                                                              SHA1:920021E2971B440F279DB619030357F9BBBECA58
                                                                                                                              SHA-256:C81A33B6B7AA0E51D18BD799DD2F85E64D44144B6583B24AD753B8A7ED26612C
                                                                                                                              SHA-512:4D1C1726050C1FBFA6AFC28B15C53262F1C0B58CB9BE508B6542B5B424DEA09B3E3617012ACE9F71A49BB765588FA0D00435E1FC201E90D66998D9726B2200BC
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://bat.bing.com/p/action/4016106.js
                                                                                                                              Preview:(function(w,d,c,k,a,b,t,e) {.. var cs = d.currentScript;.. if (cs) {.. var uo = cs.getAttribute('data-ueto');.. if (uo && w[uo] && typeof w[uo].setUserSignals === 'function') {.. w[uo].setUserSignals({'co': c, 'kc': k, 'at': a, 'bi': b, 'dt': t, 'ec': e});.. }.. }..})(window, document, 'us', false, true, false, false, false);..

                                                                                                                              Chrome Cache Entry: 338

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:SVG Scalable Vector Graphics image
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):1349
                                                                                                                              Entropy (8bit):4.201219141408615
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:17D244683C9737C01686C384F87145E2
                                                                                                                              SHA1:44AACB11ECF74D8594C95AF08D9787C654A7D248
                                                                                                                              SHA-256:77B31D0E25FFE381DCD42AA468F074882CB5CB0F0B8BF26FA913308CD4D2772C
                                                                                                                              SHA-512:AD80BB26C37BC2B8418DBAA31A3E4B3465D00FB5C5481C5E6BD4CF4746ECC103465DAA83137195729E33F7849DCF4B15D9F489F00C7858F3A566C40EA1A7EECF
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:<svg width="38" height="18" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M6.947 14.895c2.198 0 4.003-.765 5.18-2.57v2.158h2.414V9.047c0-1.275-.687-1.824-1.982-1.824H7.77V8.32c0 .942.51 1.315 1.373 1.315h1.746c-.274 1.452-1.608 2.53-3.454 2.53-2.237 0-4.022-1.824-4.022-4.709 0-2.57 1.55-4.63 4.297-4.63.588 0 1.06.097 1.491.274.55.216.824.471 1.237.863.352.353.627.608 1.314.608h2.434C13.697 1.688 10.733 0 7.672 0 3.159 0 0 3.454 0 7.79c0 4.378 3.473 7.105 6.947 7.105zm18.966-5.69c0-3.1-2.12-5.121-5.063-5.121-2.963 0-5.376 2.276-5.376 5.514 0 3.277 2.315 5.298 5.317 5.298 1.904 0 3.729-.863 4.611-2.393a6.478 6.478 0 00-.568-.432c-.334-.236-.628-.373-1.02-.373-.373 0-.707.216-1.119.491-.451.294-1.04.452-1.589.452-1.295 0-2.511-.766-2.708-2.335h7.436c.059-.219.079-.807.079-1.101zm-2.944-.843h-4.533c.216-1.315 1.118-2.139 2.354-2.139s2.179.844 2.179 2.12v.019zm3.895 6.121h2.924V9.224c0-1.707.843-2.766 2.257-2.766 1.139 0 1.923.568 1.923 2.001v4.65c0 .883.413 1.394 1.394 1.373h1.53

                                                                                                                              Chrome Cache Entry: 340

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with very long lines (972)
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):1010
                                                                                                                              Entropy (8bit):5.013859345459063
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:2C31476E4A42056CE5898EA8B4FB6D18
                                                                                                                              SHA1:4447ED0AAD40E9F79A73EA6D5B49FB9C692C26F4
                                                                                                                              SHA-256:4AB1F474E4841BB4F871A578F69D0F19F97BEB7E7FEAC50A7A28ED5113428894
                                                                                                                              SHA-512:92A3CB693FEC9BADEC591BDA7B176399EA519997DF9B88EF83776EF03BA5F7E4F20B228C0D8D6447AAA0D8939F97AF6C1D3F85169B9625C284EAAC15AA505F7C
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://static3.avast.com/10003956/web/j/vendor/one-trust.js
                                                                                                                              Preview:function OptanonWrapper(){var a=document.getElementById("onetrust-consent-sdk");document.body.prepend(a),function(a){var b="; "+document.cookie,c=b.split("; "+a+"=");if(2==c.length)return c.pop().split(";").shift()}("OptanonAlertBoxClosed")||($(".ot-accordion-layout button").attr("aria-expanded","true"),$(".ot-pc-footer .ot-pc-refuse-all-handler").length>0&&$(".ot-pc-footer .ot-pc-refuse-all-handler").insertAfter("#accept-recommended-btn-handler"));const b=navigator.globalPrivacyControl;if(b){document.getElementById("onetrust-consent-sdk").classList.toggle("gpc-detected")}var c=document.querySelector(".gpc-on"),d=document.getElementById("cookieGPCControlButton"),e=document.querySelector(".banner-actions-container");c&&(e.appendChild(d),b?d.addEventListener("click",function(){OneTrust.Close(),document.body.classList.remove("ot-overflow-hidden")}):d.addEventListener("click",function(){OneTrust.AllowAll(),document.body.classList.remove("ot-overflow-hidden")}))}.//# sourceMappingURL=one-tr

                                                                                                                              Chrome Cache Entry: 341

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with very long lines (8065)
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):9888
                                                                                                                              Entropy (8bit):5.4915415046952045
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:BE84BA80DDE6F64202AE40A609C3B48D
                                                                                                                              SHA1:84E13B07244005FAF7F07F0303311CF906138D7A
                                                                                                                              SHA-256:347B2557C95446A90A9166198AB7F459AD1D0780B4EF1EA5837E1872C55F5658
                                                                                                                              SHA-512:5A2C7C75169C6361C0023AD1A61B25C663927CE237C5E3586EDB7C1338BAC7E3C84657019C4E4580CFA8F7C5045FC4C5948265A4C62DA2821EC26CFB0D841332
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://znb3hblkjhhpwrz9k-gendigital.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_b3HblKJHhPwrz9k
                                                                                                                              Preview:(function () {. if (typeof window.QSI === 'undefined'){. window.QSI = {};. }.. var tempQSIConfig = {"hostedJSLocation":"https://siteintercept.qualtrics.com/dxjsmodule/","baseURL":"https://siteintercept.qualtrics.com","surveyTakingBaseURL":"https://s.qualtrics.com/spoke/all/jam","BrandTier":null,"zoneId":"ZN_b3HblKJHhPwrz9k"};.. // If QSI.config is defined in snippet, merge with QSIConfig from orchestrator-handler.. if (typeof window.QSI.config !== 'undefined' && typeof window.QSI.config === 'object') {. // This merges the user defined QSI.config with the handler defined QSIConfig. // If both objects have a property with the same name,. // then the second object property overwrites the first.. for (var attrname in tempQSIConfig) { window.QSI.config[attrname] = tempQSIConfig[attrname]; }. } else {. window.QSI.config = tempQSIConfig;. }.. window.QSI.shouldStripQueryParamsInQLoc = false;.})();../*@preserve.***Version 2.15.1*

                                                                                                                              Chrome Cache Entry: 343

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ISO Media, AVIF Image
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):7880
                                                                                                                              Entropy (8bit):7.952047391784911
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:96994BA2320815BD21C7C37C4785905F
                                                                                                                              SHA1:FE47951D5B7992B84490E3CE10BC4419F60EFADF
                                                                                                                              SHA-256:EBE340FEA32DA500EF47A86C286BDA3CA6159CE02AA81F2130FBC98E50ED0A22
                                                                                                                              SHA-512:8C4711EDA6E4AB685A9CACABCF9AC49B536AB4393AB4365748109002ED5996097ADCE50A9424CFC221FC27AE7150BF8BA36133CC06699C6A7B23DCB88B86E0D2
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://static3.avast.com/10003956/web/i/v2/aim/bg/lp-safe-emailing/hero@2x.jpg?width=1280&fcwidth=2560&fcheight=2000
                                                                                                                              Preview:....ftypavif....avifmif1miaf....meta.......!hdlr........pict.................pitm........."iloc....D@.......................#iinf..........infe........av01....jiprp...Kipco....colrnclx...........av1C........ispe................pixi............ipma...................mdat.....*g.......2.;D..e.XP.2p..Y...h..e..`..8_*/z.$..o..h;*.-.@.?\.[@...*#{w.&....&'...2EMs.8-...TP.....@p...M..N.A.h...B...O......p...DU.....O.g.....[_.t...69:.bg.\.v.7....Z....P.xq_....KA...J.KG.Fb.>6.....=p...6..6.o!....s..^.\u..{..kR...~P.w.6v;Z..1t..B=.^*...D+`B~i.A.-..1.k.-...T.)...@.TRr...nvU`f.....v....1gf-..dus..z.Nk.1n...{u...C.n.2...^.s../.....V...Y....G..}.g.u.....r^E.e.G.\...fG.....Y.G,....@.......;.]]...nMj.3.7.H..^.CI.cD....1.S...A.(.c.uK{..v....I...|.J...`M..uM.I.."...L..s.PK.W....%.X.{.....y...^..@N.*.8.dJ..l..6E...M9..4Q-}......;...V.....O..n{.6X*..r".$D...\Y..hg.3...G......2.<|q..2C{......2F....W...t..E.OIH."N./*.<.N.}.2\/.w....q.p~..n.-..UA...`.L.../ha..#.......Q0m}0.PMU(

                                                                                                                              Chrome Cache Entry: 345

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:HTML document, ASCII text, with very long lines (952), with no line terminators
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):952
                                                                                                                              Entropy (8bit):5.624894101048954
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:120F872F44A3580B830F8EA78C61CB33
                                                                                                                              SHA1:3ADB5F799B09CEE5E1DECA32583EA1DFC8B93971
                                                                                                                              SHA-256:7E5AF3F21F6E57D79701C621A3E3969C84C872F83E3292129A4EB1548F1ECED7
                                                                                                                              SHA-512:3F3F663B5E8398AA5A434E78E266334A22A6E5CCD39EEDEE3DCA0C19EDEA81D8B95442C746F2F57223D55164F2F7974FCD182A3521834D864F18B8F41F48FED9
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://4711400.fls.doubleclick.net/activityi;dc_pre=CMOA35DqjYkDFYOLgwcd5WoLzg;src=4711400;type=mainavs0;cat=mainasd0;ord=1;num=3200727806000;npa=0;auiddc=1273320310.1728907433;u2=FAV-ONLINE-361;u7=www.avast.com%2Fen-us%2Flp-safe-emailing;u8=;u21=885632441.1728907436;ps=1;pcor=201870207;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132;uamb=0;uam=;uap=Windows;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a90v9181661103za200zb868619592;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101529665~101671035~101686685;epver=2;~oref=https%3A%2F%2Fwww.avast.com%2Fen-us%2Flp-safe-emailing%3Ffull_trSrc%3Dmmm_ava_esg_000_361_m%26utm_medium%3Demail%26utm_source%3Dlink%26utm_campaign%3Dsig-email%26utm_content%3Dwebmail?
                                                                                                                              Preview:<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd"><html><head><title></title></head><body style="background-color: transparent"><img src="https://adservice.google.com/ddm/fls/z/dc_pre=CMOA35DqjYkDFYOLgwcd5WoLzg;src=4711400;type=mainavs0;cat=mainasd0;ord=1;num=3200727806000;npa=0;auiddc=*;u2=FAV-ONLINE-361;u7=www.avast.com%2Fen-us%2Flp-safe-emailing;u8=;u21=885632441.1728907436;ps=1;pcor=201870207;uaa=x86;uab=64;uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132;uamb=0;uam=;uap=Windows;uapv=10.0.0;uaw=0;pscdl=noapi;frm=0;gtm=45fe4a90v9181661103za200zb868619592;gcs=G111;gcd=13v3v3v3v5l1;dma=0;tag_exp=101529665~101671035~101686685;epver=2;~oref=https%3A%2F%2Fwww.avast.com%2Fen-us%2Flp-safe-emailing%3Ffull_trSrc%3Dmmm_ava_esg_000_361_m%26utm_medium%3Demail%26utm_source%3Dlink%26utm_campaign%3Dsig-email%26utm_content%3Dwebmail"/></body></html>

                                                                                                                              Chrome Cache Entry: 346

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with very long lines (2011)
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):2056
                                                                                                                              Entropy (8bit):5.177967735841463
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:90865656692C8FA0844B1988A461D626
                                                                                                                              SHA1:4D4EC2B15FC8D7F3A41639696D8982292ADF91D7
                                                                                                                              SHA-256:CF4323A2DC075A0DA624C09F8DA96F5867D3DBDF73A83CE1937EC9C94A0938EB
                                                                                                                              SHA-512:B500A58E6D17602A64E72FD8266A1DE8F6AD5B5AD8008497DB6349FB58D9B8E9FF8FF0531FEF88EC5242D51E97234BDFB2AFAAF6A6C1A255FB00CB45319F3524
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://static3.avast.com/10003956/web/j/v2/components/singleDL-primary.js
                                                                                                                              Preview:!function(){"use strict";if(window.sdl!==undefined)try{/OptanonConsent=.*?(consentId=(.*?)(?=&))/.test(document.cookie)&&sdl.push({client:{cmpId:document.cookie.match(/OptanonConsent=.*?(consentId=(.*?)(?=&))/)[2]}}),/(?:NotLandingPage&groups=|groups=).*?(?=&|;|$)/.test(document.cookie)&&sdl.push({consentGroups:document.cookie.match(/(?:NotLandingPage&groups=|groups=).*?(?=&|;|$)/)[0].replace(/NotLandingPage&groups=|groups=/,"").replace(/%3A/g,":").replace(/%/g,",").replace(/2C/g," ")}),sdl.push({session:{countryCode:sdlObj.session.countryCode,secChUa:function(){return navigator.userAgentData!==undefined&&navigator.userAgentData.brands.length>0?navigator.userAgentData.brands:[]}(),platform:window.avastGlobals.detect.os.name,mobile:function(){return navigator.userAgentData!==undefined&&navigator.userAgentData.brands.length>0?navigator.userAgentData.mobile:"-"}()},server:{provider:"CMS",platform:"WEB",env:window.location.host.startsWith("web-preview")?"dev":"prod",dataCenter:"-",sdlVersi

                                                                                                                              Chrome Cache Entry: 350

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:JSON data
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):4917
                                                                                                                              Entropy (8bit):5.1379852884793165
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:F385B785EE3C1F61B183EBDCA09B5A15
                                                                                                                              SHA1:EADE0291684E9226263EAF474EFBA68C60F75DD5
                                                                                                                              SHA-256:C42836E49F6EED3FC5740B901057CB2A397FF25E23B19EF5141D1785EEDA8E18
                                                                                                                              SHA-512:7F8FFAF1846B05A02459E9AEA8BDA193E8BF6017ED37009DBE3FF9F83BA4160F5777CDE0496E01A67630B5D7EDC3445EDEBDA553E59486107D4CB1B95C49BB23
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:"https://c.go-mpulse.net/api/config.json?key=9K3EU-JY7U6-TD3RC-2KCEC-AH4A8&d=www.avast.com&t=5763025&v=1.766.0&if=&sl=0&si=1ad34f9d-215f-4628-a9d7-d64c4fb899be-slchi9&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=&ak.ai=208113"
                                                                                                                              Preview:{"h.key":"9K3EU-JY7U6-TD3RC-2KCEC-AH4A8","h.d":"avast.com","h.t":1728907435194,"h.cr":"2b82bbea88a5a998a37e342df0bb4dc65bb2950d-fc2eda42-f3212ea","session_id":"7c737369-a216-4c52-bc79-793a7d1e6976","site_domain":"avast.com","beacon_url":"//684dd325.akstat.io/","autorun":true,"strip_query_string":true,"beacon_interval":60,"BW":{"enabled":false},"RT":{"session_exp":1800},"ResourceTiming":{"enabled":true,"splitAtPath":true},"Continuity":{"enabled":true,"waitAfterOnload":3000},"PageParams":{"xhr":"none","pageGroups":[{"type":"Regexp","parameter1":"https?://www.(avast|avg).(ru|ae|co.jp|com)/([\\w]{2})-([\\w]{2})/privacy-policy","parameter2":"Privacy Policy","on":["navigation"]},{"type":"Regexp","parameter1":"https?://www.(avast|avg).(ru|ae|co.jp|com)/privacy-policy","parameter2":"Privacy Policy","on":["navigation"]},{"type":"Custom","parameter1":"dataLayer[0].pageGroup","on":["navigation"]},{"type":"Custom","parameter1":"dataLayer[1].pageGroup","on":["navigation"]},{"type":"Custom","paramet

                                                                                                                              Chrome Cache Entry: 352

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with very long lines (7711)
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):292762
                                                                                                                              Entropy (8bit):5.613643688531976
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:D507BB04D8D593F1059F37AC7FCD2DDA
                                                                                                                              SHA1:A9450A77DC0BF5E08B9EC066CF5462F693FBB261
                                                                                                                              SHA-256:61A0094B6C103D2C816F1B5DD7FD7B5C7D32E33B8F67A22877B362E695D254F5
                                                                                                                              SHA-512:303E9CE8E0ED5EE6593A2446B95095D3C6E89CB64E6C0DA0B7189C6712C9F16D7BBBAA26F21527535CD8F754D998901333774273309B0152DF3D08B559EC5F24
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://www.googletagmanager.com/gtag/js?id=G-WZQ6MQ6RF3&l=sdl&cx=c
                                                                                                                              Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"11",. . "macros":[{"function":"__e"},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_auto_events","priority":20,"vtp_enableScroll":false,"vtp_enableOutboundClick":true,"vtp_enableDownload":false,"vtp_enableHistoryEvents":false,"vtp_enableForm":true,"vtp_enableVideo":true,"vtp_enablePageView":true,"tag_id":11},{"function":"__ogt_cross_domain","priority":20,"vtp_rules":["list","avast\\.co\\.jp","avast\\.ua","avast\\.ru"],"tag_id":13},{"function":"__ogt_dma","priority":10,"vtp_delegationMode":"ON","vtp_dmaDefault":"DENIED","tag_id":14},{"function":"__ogt_referral_exclusion","priority":10,"vtp_includeConditions":["list","^avast\\.(com|ru|ua|co\\.jp)$","^ipm\\.avcdn\\.net$","^ipm\\-provider\\.ff\\.avast\\.com$","^paypal\\.com$","ecommpay\\.com$","^pepitastore\\.com$","softline\\.com$","^pay102\\.assist\\.kz$","rabobank\\.nl$","paysec

                                                                                                                              Chrome Cache Entry: 353

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:PNG image data, 600 x 400, 8-bit/color RGBA, non-interlaced
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):75787
                                                                                                                              Entropy (8bit):7.981477696209924
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:462608BCB7D24CF316A3C78DF0954852
                                                                                                                              SHA1:2F3800BF48A0937CA0B6A2075F3A6B9242DB39A6
                                                                                                                              SHA-256:228E2D22F12D02D1254EA5A899729F5BA4BAAB59AC2BED4285E900C945CC0FE4
                                                                                                                              SHA-512:40A17BD4D6C0B3A268B8F2E8532050D1C5695D3F8CA0E9B36EB7DB582FCEB77789728BA9350107AC8E15E2D15364DD968E4EE313FAF8B1051AEE6AF0A10BFD7E
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:.PNG........IHDR...X.........r5......orNT..w.....IDATx...w.e.}.y~..y..VVfVfV.7....h@...J\.R.DJ"%.9...jc#&&F.].f#v..(.#.;"5$..H..Hx.vhW]]....|..{.............|"......U...w~...h......?.......}.....o_'..Ne.P.C....c@...R./).7....#*...}#{}...i.%../@.......".../.....f9...v.Z.~R)...~.........R.<Q.`......E</....^_..i.}C.X.....G?IwW7...X.T......t..B.#.iF.RB)u..........7L#..S.[.@...v..ei....t..i..../.%.S7.19.....`ww..K&...S..}}....X,... ..|..6.o#.......X~.X&..ad$...i...t..i........t.._.._|,_(..*P..R.0......F9}...==....F...|I)...<wtl_......8|h.^_..i.....=.....C,.h......r...... .4....9|.0......$....>....(.g....w..^0.,# Pen\~.d..'.|r./[.4.=c....4......,,../........ w>/.@..kk\.z...U....qC...-.Y.F!|7p.!F..a)((......_.EN..............4M{O.{..4M{o.....M.".P..!..u.i..>./^b..$...s..)FF..H...ug...>..P .+..;......Yp..A...^_..i.{F.X....r.........~*.(.I......|.s.......,G.......4.;N..Q|.8...w#.?.r............D.'....i..+t...=d~....C.....\.)?P.....c}..4M...q...F.......4....

                                                                                                                              Chrome Cache Entry: 354

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with very long lines (15628)
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):15661
                                                                                                                              Entropy (8bit):5.252589972332973
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:E83EC6654B1962B4EDA2154502BF500C
                                                                                                                              SHA1:38617B9284C6CB6523B499D0B8AD75BB844C8FEB
                                                                                                                              SHA-256:24D956B826FD0F854AB15CC1AA55D14DFD1C832C7F5BFE2629549F3E6A92F930
                                                                                                                              SHA-512:2F33EA1913B31A42EF61F6D789E38C5D17EA82358D50A63981E08CB671F9287DFBBA0A90918DE023F54741B4E145770437B04F17BA4878EDB48C6F53DF657952
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:!function(){"use strict";function a(a,b){try{return a(b)}catch(c){return b}}function b(a,b){return a&&(i(b)||j(b))?ra.test(a)?b.getElementsByClassName(a.slice(1)):ta.test(a)?b.getElementsByTagName(a):b.querySelectorAll(a):[]}function c(a){return a.replace(xa,function(a,b){return b.toUpperCase()})}function d(a,b,c){if(c){for(var d=a.length;d--;)if(!1===b.call(a[d],d,a[d]))return a}else for(var d=0,e=a.length;d<e;d++)if(!1===b.call(a[d],d,a[d]))return a;return a}function e(a){for(var b=[],c=1;c<arguments.length;c++)b[c-1]=arguments[c];var d=arguments.length;if(!d)return{};if(1===d)return e(wa,a);for(var f=1;f<d;f++)for(var g in arguments[f])a[g]=arguments[f][g];return a}function f(a,b){var c=a&&(a.matches||a.webkitMatchesSelector||a.msMatchesSelector);return!!c&&!!b&&c.call(a,b)}function g(a){return a instanceof ua}function h(a){return!!a&&a===a.window}function i(a){return!!a&&9===a.nodeType}function j(a){return!!a&&1===a.nodeType}function k(a){return"function"==typeof a}function l(a){re

                                                                                                                              Chrome Cache Entry: 355

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with very long lines (7711)
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):292726
                                                                                                                              Entropy (8bit):5.613475167966936
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:141148267F6F367D2EA9EB8AE9CB4047
                                                                                                                              SHA1:AD70EBA7705EC7F63358BAC0019E181407317717
                                                                                                                              SHA-256:0215988B5D8081112415A830D490DFCF8D50DA3CAE404C45E43D46F915118152
                                                                                                                              SHA-512:0D35B36C7862C07696D0F10C916F5D40B9074BD34CDAFC49FA5A40FAFAE5D2F3C1A736A92A3FC5BD71AD501446963D0DF5CB97E7751B716EDE9847AA773351B8
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"11",. . "macros":[{"function":"__e"},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_auto_events","priority":20,"vtp_enableScroll":false,"vtp_enableOutboundClick":true,"vtp_enableDownload":false,"vtp_enableHistoryEvents":false,"vtp_enableForm":true,"vtp_enableVideo":true,"vtp_enablePageView":true,"tag_id":11},{"function":"__ogt_cross_domain","priority":20,"vtp_rules":["list","avast\\.co\\.jp","avast\\.ua","avast\\.ru"],"tag_id":13},{"function":"__ogt_dma","priority":10,"vtp_delegationMode":"ON","vtp_dmaDefault":"DENIED","tag_id":14},{"function":"__ogt_referral_exclusion","priority":10,"vtp_includeConditions":["list","^avast\\.(com|ru|ua|co\\.jp)$","^ipm\\.avcdn\\.net$","^ipm\\-provider\\.ff\\.avast\\.com$","^paypal\\.com$","ecommpay\\.com$","^pepitastore\\.com$","softline\\.com$","^pay102\\.assist\\.kz$","rabobank\\.nl$","paysec

                                                                                                                              Chrome Cache Entry: 359

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with very long lines (8068), with CRLF, LF line terminators
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):100881
                                                                                                                              Entropy (8bit):5.3187987445323754
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:AB439E4B1EEDFA46690B757288EB35B5
                                                                                                                              SHA1:BC6BBB1FFBD394A48E9477A6811F2CE7535A394F
                                                                                                                              SHA-256:2F343BFB242D0E2D0AD9CD70B28B611FA5A7DEEE9A911CA3B9CD41522D836DB6
                                                                                                                              SHA-512:2E6FCDC5818240ADC4915E7EB76B7765D0EE31F882B74C357BA089A5AC071DF82EF578D4C4B9FBCEB479C97FB9A0542F0C047E4A7024B57C24E18C41C1296C96
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://www.upsellit.com/active/avastcom.jsp
                                                                                                                              Preview:Array.prototype.filter||(Array.prototype.filter=function(t,e){"use strict";if("Function"!=typeof t&&"function"!=typeof t||!this)throw new TypeError;var r=this.length>>>0,o=new Array(r),n=this,l=0,i=-1;if(void 0===e)for(;++i!==r;)i in this&&t(n[i],i,n)&&(o[l++]=n[i]);else for(;++i!==r;)i in this&&t.call(e,n[i],i,n)&&(o[l++]=n[i]);return o.length=l,o}),Array.prototype.forEach||(Array.prototype.forEach=function(t){var e,r;if(null==this)throw new TypeError('"this" is null or not defined');var o=Object(this),n=o.length>>>0;if("function"!=typeof t)throw new TypeError(t+" is not a function");for(arguments.length>1&&(e=arguments[1]),r=0;r<n;){var l;r in o&&(l=o[r],t.call(e,l,r,o)),r++}}),window.NodeList&&!NodeList.prototype.forEach&&(NodeList.prototype.forEach=Array.prototype.forEach),Array.prototype.indexOf||(Array.prototype.indexOf=function(t,e){var r;if(null==this)throw new TypeError('"this" is null or not defined');var o=Object(this),n=o.length>>>0;if(0===n)return-1;var l=0|e;if(l>=n)retur

                                                                                                                              Chrome Cache Entry: 360

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ISO Media, AVIF Image
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):4977
                                                                                                                              Entropy (8bit):7.854030098606175
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:25172FD022E11CFC6F755B48DF623D5C
                                                                                                                              SHA1:7B007935686A8ADC9E3EEE00EB77592E0B66F2F9
                                                                                                                              SHA-256:02F99DD596FA70C630C2B482FD95F7AD94F4942AEB98DE0CDBBFCC16F3574196
                                                                                                                              SHA-512:02A62E64C2734F6EE4120B859AFACE499D324C82CA926B1A3DD0E1D81FBCD2DCE6AFC3BE7C33D833B7D92A2C315CF224D0169266C7D34251CA801A4AE4AC4BDE
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://static3.avast.com/10003956/web/i/v2/aim/img/lp-safe-emailing/att@2x.png?width=568
                                                                                                                              Preview:....ftypavif....avifmif1miaf....meta.......!hdlr........pict.................pitm.........4iloc....D@...........................j.............8iinf..........infe........av01.....infe........av01.....iprp....ipco....colrnclx...........av1C........ispe.......X........pixi.........8auxC....urn:mpeg:mpegB:cicp:systems:auxiliary:alpha.....av1C........ispe.......X........pixi............ipma..........................iref........auxl..........mdat.....f%|{..2...`.@P.?^j.W[.o.d*....b.(.'...%..t.P...C...lO./Z.J~...W..lI....$.*1...Bi......e.\`.[..:.;Jn....@....G(.6..c[j...?....5.G.dhR}O....y,n.....=....E.B...M.0.......+.C....)fr#d....:.x.....n`6e......._.QX_]>..n...m#...%h..G.O..u.6,]u....0;&-..w...\.~.[ .......&;.d....P..E.."\..@....(..6...$.E.......,.r.5..]..oj.J.S5.:.Sm|t.&.-E.....a....I.R............D9/...g...6.{.8...)U3R.T..(e..>..\8....O..\R....5..C..m..O.h.\-.a......x.....s.........5.q......<........u.U.P..}a)~.;.TtT..y.....dwc/.@,i.......;.....K%,u;.#....X..

                                                                                                                              Chrome Cache Entry: 363

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with very long lines (32743)
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):205841
                                                                                                                              Entropy (8bit):5.356480348534711
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:0743B8CB622D1A3912AE398FD0EDFEC6
                                                                                                                              SHA1:C2E197F6E46CD251E8727110512D1DECA5021459
                                                                                                                              SHA-256:E44BB2883D3CCD7060AD1FEAAF6A22422E5DC221271C11886CA0BC1946372E7F
                                                                                                                              SHA-512:75B30E5758AC145A057FD88B46EA360262E4A7CF6201B6640D34856294EB18B8C3327D34B25ADFB903121775CC3BAA8FC031D3FFF218402305534FE351F2555F
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:// For license information, see `https://assets.adobedtm.com/b29989a14bed/ccef52b414db/launch-773db4767ac4.js`..window._satellite=window._satellite||{},window._satellite.container={buildInfo:{minified:!0,buildDate:"2024-04-10T17:18:01Z",turbineBuildDate:"2023-02-22T20:37:26Z",turbineVersion:"27.5.0"},environment:{id:"ENe5f28798d073455d88b6f8f4fd63eb52",stage:"production"},dataElements:{site_language:{modulePath:"core/src/lib/dataElements/javascriptVariable.js",settings:{path:"nortonAnalytics.site_language"}},TCG:{modulePath:"core/src/lib/dataElements/javascriptVariable.js",settings:{path:"nortonAnalytics.test_group"}},site_country:{modulePath:"core/src/lib/dataElements/javascriptVariable.js",settings:{path:"nortonAnalytics.site_country"}},pagename:{modulePath:"core/src/lib/dataElements/javascriptVariable.js",settings:{path:"nortonAnalytics.page_name"}},"site section":{modulePath:"core/src/lib/dataElements/javascriptVariable.js",settings:{path:"nortonAnalytics.site_section"}},"Dynamic A

                                                                                                                              Chrome Cache Entry: 364

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):16
                                                                                                                              Entropy (8bit):3.577819531114783
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:4C8A26E14EDABDD7D6BFBF1472AFC853
                                                                                                                              SHA1:F268C3DB54608F753ED9320CB2411B00A40C8D65
                                                                                                                              SHA-256:B9224CA870B658AB694ECED1FBB07A971FCE7D0C990E50046929E9968BAF435C
                                                                                                                              SHA-512:820B85A739953E8A71E89FEB45BBFB01E2D2F8977D30B0AB11BED28A7CA2B0365595AA7074A3A9780C8DE95E0C8DE839B5C390519F5238E8435F44736CDD497F
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAk2n2UUBqYs5BIFDaWTNiQ=?alt=proto
                                                                                                                              Preview:CgkKBw2lkzYkGgA=

                                                                                                                              Chrome Cache Entry: 367

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with very long lines (4329)
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):4373
                                                                                                                              Entropy (8bit):5.3097826568099356
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:D5B79B5ECC02D1E1C7539005572B1FCE
                                                                                                                              SHA1:EE2D390A8764FAF31D46ABD7B537FE28CC811FC0
                                                                                                                              SHA-256:2BBE1473D9EA0290F1145E17B25DC37B3BDD6D2011CECCF12BB196689C28D1C4
                                                                                                                              SHA-512:5405D5E0765165756227CE7D5EA435249D4CF3B0422D0303845C7F2CDD883B596792AF9538A0744A5268E1CBBBC76C4B37256A23859E99D524EA443F16D55EE7
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://static3.avast.com/10003956/web/j/v2/components/userAgentDetect.js
                                                                                                                              Preview:window.avastGlobals=window.avastGlobals||{},function(){"use strict";function a(){c.classList.remove("js-pc"),c.classList.remove("js-android"),c.classList.remove("js-ios"),c.classList.remove("js-mac")}function b(){d=window.location.hash.substring(1),h.includes(d)&&(a(),c.classList.add("js-"+d))}var c=document.documentElement,d=window.location.hash.substring(1),e=navigator.userAgent.toLowerCase(),f=navigator.language.toLowerCase(),g="pc",h=["android","ios","mac","pc"],i="",j="",k="",l="";if(navigator.userAgentData!==undefined&&navigator.userAgentData.brands.length>0&&navigator.userAgentData.platform!==undefined){k=navigator.userAgentData.platform.toLowerCase(),/windows/.test(k)?k="Windows":/linux/.test(k)?k="Linux":/android/.test(k)?(g="android",k="Android"):/ios/.test(k)?(g="ios",k="IOS"):/macos/.test(k)&&(g="mac",k="Mac");var m=navigator.userAgentData.brands;for(var n in m){var o=m[n];/Chrome/.test(o.brand)?(i="Chrome",j=o.version):/Opera/.test(o.brand)?(i="Opera",j=o.version):/Edge/.t

                                                                                                                              Chrome Cache Entry: 368

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:SVG Scalable Vector Graphics image
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):814
                                                                                                                              Entropy (8bit):4.262051022846105
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:E89108D4006B6921D46EE4FE285E9A30
                                                                                                                              SHA1:25CC22FDBFA2776D3231D7AD4159F44BDD6AFB45
                                                                                                                              SHA-256:3EA97497C219F5C1E06DE12EF9270DFA57C9E6D52F3486272E3F16CEE0FFE14B
                                                                                                                              SHA-512:F2F5B051F2ECAE30764F1290F2BE1B7353B6CEAF9507A4C949CD15259A94FCDEB1F86F1ADAD264444A39DF7FF5E97A5DD3D2228266426490841464C8229BC0BF
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://static3.avast.com/10003956/web/i/v2/components/logos/avast-logos/seo/favicon.svg?v=2
                                                                                                                              Preview:<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 200 200"><path d="M181.2 158.3c11.7-16.2 18.6-36.1 18.8-57.6C200.4 45.5 155.9.4 100.7 0S.4 44.1 0 99.3c-.2 21.8 6.7 42.1 18.5 58.6 2.9 4.1 6.1 7.9 9.6 11.6 18 18.6 43.2 30.3 71.2 30.5 31.3.2 59.4-14 77.9-36.4 1.4-1.7 2.7-3.5 4-5.3z" fill="#fff"/><path d="M85.8 24.9c12.8-8.8 30.4-4 37.1 10l58.4 123.4c11.7-16.2 18.6-36.1 18.8-57.6C200.4 45.5 155.9.4 100.7 0S.4 44.1 0 99.3c-.2 21.8 6.7 42.1 18.5 58.6l2.3-.5 38.1-8.4c1.1-.2 1.6 1.2.7 1.8l-31.5 18.7c18 18.6 43.2 30.3 71.2 30.5 31.3.2 59.4-14 77.9-36.4L81.7 63.1C71.1 51.9 73 33.7 85.8 24.9zm17.9 113.4l-61.4 5.3c-6.7.6-12.2-4.9-11.8-11.6.5-6.7 6.8-11.3 13.3-9.8l60 14.1c1.1.4 1 1.9-.1 2zm-28.4-54l74.5 60.3c.9.7.1 2-.9 1.7l-89.6-34c-9.4-3.6-13.4-14.7-8.4-23.4 4.9-8.8 16.5-10.9 24.4-4.6z" fill="#ff7800"/></svg>

                                                                                                                              Chrome Cache Entry: 369

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with very long lines (65316)
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):357782
                                                                                                                              Entropy (8bit):5.554833367913548
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:805950E61C0AA882FA190125CDB9F76D
                                                                                                                              SHA1:C4BC57C6913BF3AF35F0B5C46E1DDA3785C2CAFD
                                                                                                                              SHA-256:A093222A0C429EA643CAA82BB3EA66A24829C84CBC2E87E275419EC0CF16B695
                                                                                                                              SHA-512:0C600847664F84C080C8377BA4CB6C7765A2ADD9B645CB7CD4F013D4969D972CED9BAFEFCC9072C1646C98ACC91F96397D4AF48397B7AA24155C82B4C10156F2
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:.// Copyright 2012 Google Inc. All rights reserved.. . (function(w,g){w[g]=w[g]||{};. w[g].e=function(s){return eval(s);};})(window,'google_tag_manager');. .(function(){..var data = {."resource": {. "version":"120",. . "macros":[{"function":"__e"},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"error.message"},{"function":"__v","vtp_dataLayerVersion":2,"vtp_setDefaultValue":false,"vtp_name":"error.type"},{"function":"__u","vtp_component":"HOST","vtp_enableMultiQueryKeys":false,"vtp_enableIgnoreEmptyQueryParam":false},{"function":"__jsm","vtp_javascript":["template","(function(){var a=\"G-12345678\",b=window.location.hostname,c=window.location.pathname;if(\/\\.avast\\.(com|ua|ru|co\\.jp)\/.test(b))a=\"G-WZQ6MQ6RF3\";else if(\/.avg.com\/.test(b))a=\"G-0DKJC5WS6X\";else if(\/.checkout-(stage|dev).avast.com\/.test(b)||0===c.indexOf(\"\/www.avast.com\"))a=\"G-PWZC03G2WC\";else if(\/.checkout-(stage|dev).avg.com\/.test(b)||0===c.indexOf(\"\/www.avg.com\"

                                                                                                                              Chrome Cache Entry: 372

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:Web Open Font Format (Version 2), TrueType, length 20416, version 1.131
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):20416
                                                                                                                              Entropy (8bit):7.989516884943251
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:79D199915C35744618487C2B40CA73A4
                                                                                                                              SHA1:6F7A94C3FB9B704EE2FDA196B345C35953AC9770
                                                                                                                              SHA-256:0D822CCDFEC5D11AA33B42BB3904A22474DC2CC3C6B3E0FC8F4FA5523C43A85E
                                                                                                                              SHA-512:84E5BDE017A0D08E7905D475DCAAC80097EF110FE0C0BE82049BF63575D255EB1F8BA722BCAA1D96A9B59202B17C1137EBC0D657C4A6CF8F97FCC336E5E8143B
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://static3.avast.com/10003956/web/o/f/400/MierB03-SubsetEng-Regular.woff2
                                                                                                                              Preview:wOF2......O........$..O\..........................h...R..(.`..D..v........H..}.6.$..$..... ..\. ..z. .'...Hw......x...8,hX..h.....K...?%......4.^?..S|.g...0...V.....C.C+i'.k ..{......Y.*s.u........eJe..j.C........... .I,......eo+[......,..Z.....|e*.9.$...#......K....._.8.t`K,......R.$T..&........9y...{.Y]..a...N4N{.....,..,.K.. .x.......J..l...Ax...dP\...{....N....Z......W..}.....G.A<.O....Y.(.@.X..\.c.....:{.*........@....S..l.0. .EZ.MGS.@v.....m......q".[a.....`.....].E5O...;..q.....i".(.......t.....@.&!...^{..2._.?/f....oJ.nK....o...(.. +r.2......2.A..Z.>...m..(* .F....n......w}E}E......._......MM..K4.jH......x.l....+0..7.M.*%...t....e{..;.].n.Z.jYU.=..@ic...,g.T../......A.6....=.^.)...I.i...M.sf...V.....#.2.6.K...........R.....@9...#Yt<Y............]......H....@..P..w.. .H.y........./..S.s.\T.].n..+.....~.s.6[.......W.D.?w.....7.rfC..lk.'..&m{S..@..UU...!tUr....`...5.#....3..?rR.F=.c<.H..".._*O.....Yh..&..~|uO....`.~3UUQQQQQQ1....?-4A..]

                                                                                                                              Chrome Cache Entry: 374

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:RIFF (little-endian) data, Web/P image
                                                                                                                              Category:downloaded
                                                                                                                              Size (bytes):15238
                                                                                                                              Entropy (8bit):7.9666070443885975
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:B2A06877A8CCE4B5683A3913DEF5645A
                                                                                                                              SHA1:A4BD3A319442C70BF9C6AC43778038674DAFC205
                                                                                                                              SHA-256:5BCCDF1385566D676AD62B611860437D08AC4C9AC8709D7E9C60109BDBF5A70E
                                                                                                                              SHA-512:2AED61C78E2D708863FB74170BF30D96633F90FB121596B040559792681E532FB0291E4952318CF6BEE7AEC9577E87365F83ACD4AD31741EE53BED40F720A27F
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              URL:https://static3.avast.com/10003956/web/i/v2/aim/img/_components/dtyp-thumbup.png
                                                                                                                              Preview:RIFF~;..WEBPVP8X...........)..ALPH.-...........^..; "..m...e.=Bo..#. e=..%..S..8k-...a.V.....w(...<.P.....o.\0.+C..L...*.....:_[..d.dR....v.B..b......N/.s..Z...u...W.._7!...$../.om.y.m..........!J`.7.;;.........P.J@.,a.$.E...q..1.~.m..h...t0(A%..u0.`......&|2<..*.B......sz<c...("&.~|9......}.s..V3w....%'....!.7...V.J......}.g......Y..G.&....5I.L/..E4.:.oy8O%.&.\.O.T.J`:$G.R...6.R.Bb...QS.NF....fC..C..k..S.@=f...U.r...Z...#S..W..|....^sd:....M..pd0<l6&...y...k./..S.z.,L'.......o..V..`.-.. _.28.}LL.R.y...|...n9...:5.z./...V[U..*w.W.*.7.j.......9|.p6..Q....j...25,.(t...lU.:..l&L.['...o.1.Zf..A..5~a.a...{....Bj...?.c....D1,[a......".[Zb...:.U......}.:ci.._:.....K...y..D.j.c...P..........A..........WA....C......@.........,_...[.....`.O.t..}....-?.~t.B.y~.v{.......'.B.b.....K/...?5x......'`^.MO.R.^.$.w..Yz.V.D...dSG_R..y...`.B.q:../......8%.V.Z..k..2..Kz^..Q...Z~R]..K....n..~@.qzN...:.>..iY..xE.0?.~t...z..o.+b.-?.R.9.u.

                                                                                                                              Chrome Cache Entry: 376

                                                                                                                              Download File
                                                                                                                              Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              File Type:ASCII text, with very long lines (5945)
                                                                                                                              Category:dropped
                                                                                                                              Size (bytes):270269
                                                                                                                              Entropy (8bit):5.572102508808897
                                                                                                                              Encrypted:false
                                                                                                                              SSDEEP:
                                                                                                                              MD5:FD497D4416F037041BCC144A2A2F71F1
                                                                                                                              SHA1:D623ABE4DC20FF0E9167A2DE8D0FC46017CA1AEF
                                                                                                                              SHA-256:131E59A51A0968DD28039CB64838CF78A17A6400FF018B82B8806B7EA65F517D
                                                                                                                              SHA-512:85D1666B78301376038EF86E7D5AFC27595C4513EE132C8C0B285E70C309E2598A48D5FB947DF27443E4E67B34D5D28F5BB072CAB6DC415FFBF1039F7C00B582
                                                                                                                              Malicious:false
                                                                                                                              Reputation:unknown
                                                                                                                              Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"5",. . "macros":[{"function":"__e"},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_auto_events","priority":16,"vtp_enableScroll":false,"vtp_enableOutboundClick":false,"vtp_enableDownload":false,"vtp_enableHistoryEvents":false,"vtp_enableForm":false,"vtp_enableVideo":false,"vtp_enablePageView":true,"tag_id":10},{"function":"__ogt_cross_domain","priority":16,"vtp_rules":["list","avast\\.co\\.jp","avast\\.ua","avast\\.ru"],"tag_id":12},{"function":"__ogt_1p_data_v2","priority":6,"vtp_isEnabled":false,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":t

                                                                                                                              Static File Info

                                                                                                                              No static file info