Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe

Overview

General Information

Sample name:SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe
Analysis ID:1547435
MD5:68388f9b51b413fa68207229be176b28
SHA1:43464a5febf2db792bba3b845254242ee4cb61a2
SHA256:ad0d298646b9d19946c094895bd3eb502dc455010f412d1b7391420949cec145
Tags:exeRustyStealer
Infos:

Detection

Score:52
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Multi AV Scanner detection for submitted file
Found strings related to Crypto-Mining
Creates a process in suspended mode (likely to inject code)
HTTP GET or POST without a user agent
IP address seen in connection with other malware
Installs a raw input device (often for capturing keystrokes)
JA3 SSL client fingerprint seen in connection with other malware
Monitors certain registry keys / values for changes (often done to protect autostart functionality)
Queries keyboard layouts
Queries the volume information (name, serial number etc) of a device
Suricata IDS alerts with low severity for network traffic
Uses a known web browser user agent for HTTP communication
Very long cmdline option found, this is very uncommon (may be encrypted or packed)

Classification

Process Tree

  • System is w10x64
  • SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe (PID: 7096 cmdline: "C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe" MD5: 68388F9B51B413FA68207229BE176B28)
    • msedgewebview2.exe (PID: 3420 cmdline: "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe --webview-exe-version=2.15.6 --user-data-dir="C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --disable-features=msWebOOUI,msPdfOOUI,msSmartScreenProtection --enable-features=MojoIpcz --lang=en-GB --mojo-named-platform-channel-pipe=7096.7040.2643601424697135273 MD5: 9909D978B39FB7369F511D8506C17CA0)
      • msedgewebview2.exe (PID: 4208 cmdline: "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=117.0.2045.47 --initial-client-data=0x15c,0x160,0x164,0x138,0x16c,0x7ffd93e68e88,0x7ffd93e68e98,0x7ffd93e68ea8 MD5: 9909D978B39FB7369F511D8506C17CA0)
      • msedgewebview2.exe (PID: 2024 cmdline: "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView" --webview-exe-name=SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe --webview-exe-version=2.15.6 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1816 --field-trial-handle=1824,i,12653778705746408830,16272959441275438957,262144 --enable-features=MojoIpcz --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI /prefetch:2 MD5: 9909D978B39FB7369F511D8506C17CA0)
      • msedgewebview2.exe (PID: 2820 cmdline: "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView" --webview-exe-name=SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe --webview-exe-version=2.15.6 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2172 --field-trial-handle=1824,i,12653778705746408830,16272959441275438957,262144 --enable-features=MojoIpcz --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI /prefetch:3 MD5: 9909D978B39FB7369F511D8506C17CA0)
      • msedgewebview2.exe (PID: 368 cmdline: "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView" --webview-exe-name=SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe --webview-exe-version=2.15.6 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2940 --field-trial-handle=1824,i,12653778705746408830,16272959441275438957,262144 --enable-features=MojoIpcz --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI /prefetch:8 MD5: 9909D978B39FB7369F511D8506C17CA0)
      • msedgewebview2.exe (PID: 988 cmdline: "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView" --webview-exe-name=SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe --webview-exe-version=2.15.6 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --disable-nacl --first-renderer-process --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_CH" --time-ticks-at-unix-epoch=-1730545340699955 --launch-time-ticks=7363961088 --mojo-platform-channel-handle=3484 --field-trial-handle=1824,i,12653778705746408830,16272959441275438957,262144 --enable-features=MojoIpcz --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI /prefetch:1 MD5: 9909D978B39FB7369F511D8506C17CA0)
      • msedgewebview2.exe (PID: 5260 cmdline: "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView" --webview-exe-name=SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe --webview-exe-version=2.15.6 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=744 --field-trial-handle=1824,i,12653778705746408830,16272959441275438957,262144 --enable-features=MojoIpcz --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI /prefetch:2 MD5: 9909D978B39FB7369F511D8506C17CA0)
  • cleanup

Malware Configuration

No configs have been found

Yara Signatures

No yara matches

Sigma Signatures

No Sigma rule has matched

Suricata Signatures

TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
2024-11-02T14:05:20.271993+010020229301A Network Trojan was detected4.175.87.197443192.168.2.649779TCP
2024-11-02T14:05:58.727536+010020229301A Network Trojan was detected4.245.163.56443192.168.2.649986TCP

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Multi AV Scanner detection for submitted file
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeReversingLabs: Detection: 18%

Bitcoin Miner

barindex
Found strings related to Crypto-Mining
Source: msedgewebview2.exe, 00000003.00000002.3418755050.00002C0002F18000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: jsecoin.com/
Source: msedgewebview2.exe, 00000003.00000002.3419461532.00002C00030C0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: "coinhive.com
Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.6:49715 version: TLS 1.2
Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.6:49719 version: TLS 1.2
Source: unknownHTTPS traffic detected: 185.199.111.133:443 -> 192.168.2.6:49726 version: TLS 1.2
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeStatic PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE
Source: Binary string: nextchat.pdb source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile opened: C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Network\SCT Auditing Pending ReportsJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile opened: C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile opened: C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Network\b5bde39b-ed49-4d54-997b-d4680e0f9957.tmpJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile opened: C:\Users\user\Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile opened: C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile opened: C:\Users\user\AppData\Jump to behavior
Source: global trafficHTTP traffic detected: GET /ChatGPTNextWeb/ChatGPT-Next-Web/releases/latest/download/latest.json HTTP/1.1accept: application/jsonhost: github.com
Source: global trafficHTTP traffic detected: GET /ChatGPTNextWeb/ChatGPT-Next-Web/releases/download/v2.15.6/latest.json HTTP/1.1accept: application/jsonreferer: https://github.com/ChatGPTNextWeb/ChatGPT-Next-Web/releases/latest/download/latest.jsonhost: github.com
Source: global trafficHTTP traffic detected: GET /github-production-release-asset-2e65be/612344730/3cd57bbe-8241-4fc6-bd27-bb7c90aaa569?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20241102%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241102T130509Z&X-Amz-Expires=300&X-Amz-Signature=0dbc1a6befe9ce864a6c45309c96b4515fd0136a0d5fa3818b229dac8fa81efc&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3Dlatest.json&response-content-type=application%2Foctet-stream HTTP/1.1accept: application/jsonreferer: https://github.com/ChatGPTNextWeb/ChatGPT-Next-Web/releases/download/v2.15.6/latest.jsonhost: objects.githubusercontent.com
Source: Joe Sandbox ViewIP Address: 162.159.61.3 162.159.61.3
Source: Joe Sandbox ViewIP Address: 140.82.121.4 140.82.121.4
Source: Joe Sandbox ViewIP Address: 185.199.111.133 185.199.111.133
Source: Joe Sandbox ViewJA3 fingerprint: 3b5074b1b5d032e5620f69f9f700ff0e
Source: Network trafficSuricata IDS: 2022930 - Severity 1 - ET EXPLOIT Possible CVE-2016-2211 Symantec Cab Parsing Buffer Overflow : 4.175.87.197:443 -> 192.168.2.6:49779
Source: Network trafficSuricata IDS: 2022930 - Severity 1 - ET EXPLOIT Possible CVE-2016-2211 Symantec Cab Parsing Buffer Overflow : 4.245.163.56:443 -> 192.168.2.6:49986
Source: global trafficHTTP traffic detected: GET /config/v1/Edge/117.0.2045.47?clientId=6632647812204454971&agents=EdgeConfig%2CEdgeDomainActions%2CEdgeFirstRunConfig&osname=win&client=webview&channel=stable&scpfull=0&scpguard=0&scpfre=0&scpver=0&osarch=x86_64&osver=10.0.19045&wu=0&devicefamily=desktop&uma=0&sessionid=0&mngd=0&installdate=1730552703&edu=&bphint=2&soobedate=1696486676&fg=1 HTTP/1.1Host: config.edge.skype.comConnection: keep-aliveAccept-Encoding: gzipSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
Source: global trafficHTTP traffic detected: GET /https://raw.githubusercontent.com/ChatGPTNextWeb/NextChat-Awesome-Plugins/main/plugins/dalle/openapi.json HTTP/1.1Host: ghp.ciConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: http://tauri.localhostSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: http://tauri.localhost/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: POST /g/collect?v=2&tid=G-89WN60ZK2E&gtm=45je4au0v9193277674za200&_p=1730552711857&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=1485091294.1730552715&ul=en-gb&sr=1280x1024&uaa=x86&uab=64&uafvl=Microsoft%2520Edge%3B117.0.2045.47%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132%7CMicrosoft%2520Edge%2520WebView2%3B117.0.2045.47&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1730552714&sct=1&seg=0&dl=http%3A%2F%2Ftauri.localhost%2F&dt=NextChat&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=8951 HTTP/1.1Host: www.google-analytics.comConnection: keep-aliveContent-Length: 0sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: http://tauri.localhostSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyReferer: http://tauri.localhost/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /css2?family=Noto%20Sans%3Awght%40300%3B400%3B700%3B900&display=swap HTTP/1.1Host: fonts.googleapis.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: http://tauri.localhost/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /https://raw.githubusercontent.com/ChatGPTNextWeb/NextChat-Awesome-Plugins/main/plugins/arxivsearch/openapi.json HTTP/1.1Host: ghp.ciConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: http://tauri.localhostSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: http://tauri.localhost/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /https://raw.githubusercontent.com/ChatGPTNextWeb/NextChat-Awesome-Plugins/main/plugins/duckduckgolite/openapi.json HTTP/1.1Host: ghp.ciConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: http://tauri.localhostSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: http://tauri.localhost/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2 HTTP/1.1Host: fonts.gstatic.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"Origin: http://tauri.localhostsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://fonts.googleapis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: unknownTCP traffic detected without corresponding DNS query: 132.145.248.22
Source: unknownTCP traffic detected without corresponding DNS query: 132.145.248.22
Source: unknownTCP traffic detected without corresponding DNS query: 132.145.248.22
Source: unknownTCP traffic detected without corresponding DNS query: 132.145.248.22
Source: unknownTCP traffic detected without corresponding DNS query: 132.145.248.22
Source: unknownTCP traffic detected without corresponding DNS query: 132.145.248.22
Source: unknownTCP traffic detected without corresponding DNS query: 132.145.248.22
Source: unknownTCP traffic detected without corresponding DNS query: 132.145.248.22
Source: unknownTCP traffic detected without corresponding DNS query: 132.145.248.22
Source: unknownTCP traffic detected without corresponding DNS query: 132.145.248.22
Source: unknownTCP traffic detected without corresponding DNS query: 132.145.248.22
Source: unknownTCP traffic detected without corresponding DNS query: 132.145.248.22
Source: unknownTCP traffic detected without corresponding DNS query: 132.145.248.22
Source: unknownTCP traffic detected without corresponding DNS query: 132.145.248.22
Source: unknownTCP traffic detected without corresponding DNS query: 132.145.248.22
Source: unknownTCP traffic detected without corresponding DNS query: 132.145.248.22
Source: unknownTCP traffic detected without corresponding DNS query: 132.145.248.22
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.116.102
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.116.102
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.116.102
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.116.95
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.116.95
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.116.95
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.116.102
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.116.102
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.116.102
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.116.102
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.116.102
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.116.95
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.116.95
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.116.95
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.116.95
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.116.95
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.116.102
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.116.95
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.116.95
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.116.95
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.116.95
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.116.95
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.116.95
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.116.102
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.116.102
Source: unknownTCP traffic detected without corresponding DNS query: 142.251.116.95
Source: unknownTCP traffic detected without corresponding DNS query: 132.145.248.22
Source: unknownTCP traffic detected without corresponding DNS query: 132.145.248.22
Source: unknownTCP traffic detected without corresponding DNS query: 132.145.248.22
Source: unknownTCP traffic detected without corresponding DNS query: 132.145.248.22
Source: unknownTCP traffic detected without corresponding DNS query: 132.145.248.22
Source: unknownTCP traffic detected without corresponding DNS query: 132.145.248.22
Source: unknownTCP traffic detected without corresponding DNS query: 132.145.248.22
Source: global trafficHTTP traffic detected: GET /config/v1/Edge/117.0.2045.47?clientId=6632647812204454971&agents=EdgeConfig%2CEdgeDomainActions%2CEdgeFirstRunConfig&osname=win&client=webview&channel=stable&scpfull=0&scpguard=0&scpfre=0&scpver=0&osarch=x86_64&osver=10.0.19045&wu=0&devicefamily=desktop&uma=0&sessionid=0&mngd=0&installdate=1730552703&edu=&bphint=2&soobedate=1696486676&fg=1 HTTP/1.1Host: config.edge.skype.comConnection: keep-aliveAccept-Encoding: gzipSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
Source: global trafficHTTP traffic detected: GET /ChatGPTNextWeb/ChatGPT-Next-Web/releases/latest/download/latest.json HTTP/1.1accept: application/jsonhost: github.com
Source: global trafficHTTP traffic detected: GET /ChatGPTNextWeb/ChatGPT-Next-Web/releases/download/v2.15.6/latest.json HTTP/1.1accept: application/jsonreferer: https://github.com/ChatGPTNextWeb/ChatGPT-Next-Web/releases/latest/download/latest.jsonhost: github.com
Source: global trafficHTTP traffic detected: GET /github-production-release-asset-2e65be/612344730/3cd57bbe-8241-4fc6-bd27-bb7c90aaa569?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20241102%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241102T130509Z&X-Amz-Expires=300&X-Amz-Signature=0dbc1a6befe9ce864a6c45309c96b4515fd0136a0d5fa3818b229dac8fa81efc&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3Dlatest.json&response-content-type=application%2Foctet-stream HTTP/1.1accept: application/jsonreferer: https://github.com/ChatGPTNextWeb/ChatGPT-Next-Web/releases/download/v2.15.6/latest.jsonhost: objects.githubusercontent.com
Source: global trafficHTTP traffic detected: GET /https://raw.githubusercontent.com/ChatGPTNextWeb/NextChat-Awesome-Plugins/main/plugins/dalle/openapi.json HTTP/1.1Host: ghp.ciConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: http://tauri.localhostSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: http://tauri.localhost/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /css2?family=Noto%20Sans%3Awght%40300%3B400%3B700%3B900&display=swap HTTP/1.1Host: fonts.googleapis.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: http://tauri.localhost/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /https://raw.githubusercontent.com/ChatGPTNextWeb/NextChat-Awesome-Plugins/main/plugins/arxivsearch/openapi.json HTTP/1.1Host: ghp.ciConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: http://tauri.localhostSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: http://tauri.localhost/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /https://raw.githubusercontent.com/ChatGPTNextWeb/NextChat-Awesome-Plugins/main/plugins/duckduckgolite/openapi.json HTTP/1.1Host: ghp.ciConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Origin: http://tauri.localhostSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: http://tauri.localhost/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: global trafficHTTP traffic detected: GET /s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2 HTTP/1.1Host: fonts.gstatic.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"Origin: http://tauri.localhostsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://fonts.googleapis.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
Source: msedgewebview2.exe, 00000003.00000002.3422203386.00002C000392C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: ,www.facebook.com equals www.facebook.com (Facebook)
Source: msedgewebview2.exe, 00000003.00000002.3422203386.00002C0003930000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: ?www.facebook.com equals www.facebook.com (Facebook)
Source: msedgewebview2.exe, 00000007.00000003.2204892086.00006BF80049C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000003.2204422616.00006BF80043C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000003.2203456239.00006BF80049C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: Math.round(q);t["gtm.videoElapsedTime"]=Math.round(f);t["gtm.videoPercent"]=r;t["gtm.videoVisible"]=u;return t},rk:function(){e=pb()},zd:function(){d()}}};var Yb=ka(["data-gtm-yt-inspected-"]),nD=["www.youtube.com","www.youtube-nocookie.com"],oD,pD=!1; equals www.youtube.com (Youtube)
Source: msedgewebview2.exe, 00000009.00000003.2225937617.00000A1402A98000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000009.00000003.2226361727.00000A1402AA0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000009.00000003.2230239932.00000A1402AAC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: c?"runIfCanceled":"runIfUncanceled",[]);if(!g.length)return!0;var k=UA(a,c,e);S(121);if(k["gtm.elementUrl"]==="https://www.facebook.com/tr/")return S(122),!0;if(d&&f){for(var m=Ab(b,g.length),n=0;n<g.length;++n)g[n](k,m);return m.done}for(var p=0;p<g.length;++p)g[p](k,function equals www.facebook.com (Facebook)
Source: msedgewebview2.exe, 00000007.00000003.2204892086.00006BF80049C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000003.2204422616.00006BF80043C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000003.2203456239.00006BF80049C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: c?"runIfCanceled":"runIfUncanceled",[]);if(!g.length)return!0;var k=UA(a,c,e);S(121);if(k["gtm.elementUrl"]==="https://www.facebook.com/tr/")return S(122),!0;if(d&&f){for(var m=Ab(b,g.length),n=0;n<g.length;++n)g[n](k,m);return m.done}for(var p=0;p<g.length;++p)g[p](k,function(){});return!0},XA=function(){var a=[],b=function(c){return db(a,function(d){return d.form===c})};return{store:function(c,d){var e=b(c);e?e.button=d:a.push({form:c,button:d})},get:function(c){var d=b(c);return d?d.button:null}}}, equals www.facebook.com (Facebook)
Source: msedgewebview2.exe, 00000009.00000003.2168121884.00000A140089C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000009.00000003.2188118242.00000A140089C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000009.00000003.2216511162.00000A140089C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://microsoftstart.msn.cn/*https://rewards.microsoft.com/*https://www.microsoftnews.com/*https://www.facebook.com/*www.staging-bing-int.comaction.getBadgeTextColorhttps://outlook.live.com/*manifest:browser_action equals www.facebook.com (Facebook)
Source: msedgewebview2.exe, 00000003.00000002.3414986156.00002C00026EC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000009.00000003.2168121884.00000A140089C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000009.00000003.2188118242.00000A140089C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.facebook.com/* equals www.facebook.com (Facebook)
Source: msedgewebview2.exe, 00000007.00000003.2204892086.00006BF80049C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000003.2204422616.00006BF80043C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000003.2203456239.00006BF80049C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: if(!(e||f||g||k.length||m.length))return;var p={Ah:e,yh:f,zh:g,ii:k,ji:m,Qe:n,Ib:b},q=C.YT;if(q)return q.ready&&q.ready(d),b;var r=C.onYouTubeIframeAPIReady;C.onYouTubeIframeAPIReady=function(){r&&r();d()};G(function(){for(var u=E.getElementsByTagName("script"),v=u.length,t=0;t<v;t++){var w=u[t].getAttribute("src");if(yD(w,"iframe_api")||yD(w,"player_api"))return b}for(var x=E.getElementsByTagName("iframe"),y=x.length,A=0;A<y;A++)if(!pD&&wD(x[A],p.Qe))return oc("https://www.youtube.com/iframe_api"), equals www.youtube.com (Youtube)
Source: msedgewebview2.exe, 00000007.00000003.2204892086.00006BF80049C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000003.2204422616.00006BF80043C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000003.2203456239.00006BF80049C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: var AC=function(a,b,c,d,e){var f=rA("fsl",c?"nv.mwt":"mwt",0),g;g=c?rA("fsl","nv.ids",[]):rA("fsl","ids",[]);if(!g.length)return!0;var k=wA(a,"gtm.formSubmit",g),m=a.action;m&&m.tagName&&(m=a.cloneNode(!1).action);S(121);if(m==="https://www.facebook.com/tr/")return S(122),!0;k["gtm.elementUrl"]=m;k["gtm.formCanceled"]=c;a.getAttribute("name")!=null&&(k["gtm.interactedFormName"]=a.getAttribute("name"));e&&(k["gtm.formSubmitElement"]=e,k["gtm.formSubmitElementText"]=e.value);if(d&&f){if(!dz(k,fz(b, equals www.facebook.com (Facebook)
Source: msedgewebview2.exe, 00000003.00000002.3414986156.00002C00026EC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3422203386.00002C0003930000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3422203386.00002C000392C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.facebook.com equals www.facebook.com (Facebook)
Source: msedgewebview2.exe, 00000009.00000003.2205820511.00000A14050A8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000009.00000003.2207625966.00000A14050C0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: www.youtube.com equals www.youtube.com (Youtube)
Source: global trafficDNS traffic detected: DNS query: github.com
Source: global trafficDNS traffic detected: DNS query: objects.githubusercontent.com
Source: global trafficDNS traffic detected: DNS query: chrome.cloudflare-dns.com
Source: unknownHTTP traffic detected: POST /dns-query HTTP/1.1Host: chrome.cloudflare-dns.comConnection: keep-aliveContent-Length: 128Accept: application/dns-messageAccept-Language: *User-Agent: ChromeAccept-Encoding: identityContent-Type: application/dns-message
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000000.2132297694.00007FF64C993000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: http://.css
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000000.2132297694.00007FF64C993000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: http://.jpg
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://129fy.ie.chalai.net
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://511sllqdkj.yc.anhuang.net
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159665249.0000309000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159645660.0000309000150000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/1423136
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/2162
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/2517
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3415603398.00002C000285C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159665249.0000309000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/2970
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3078
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159665249.0000309000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3205
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3206
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3452
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3415603398.00002C000285C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159665249.0000309000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3498
Source: msedgewebview2.exe, 00000003.00000002.3415603398.00002C000285C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3498id
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3502
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3577
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3584
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3411726465.00002C000221C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159665249.0000309000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3586
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3419362814.00002C0003088000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404856855.0000309000098000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3623
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3419362814.00002C0003088000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404856855.0000309000098000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3624
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3419362814.00002C0003088000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404856855.0000309000098000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3625
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3832
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3862
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3965
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3411726465.00002C000221C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159665249.0000309000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3970
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3411726465.00002C000221C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159665249.0000309000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4324
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159665249.0000309000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4384
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4405
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4428
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3415603398.00002C000285C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159665249.0000309000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4551
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4633
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159665249.0000309000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4722
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4836
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159665249.0000309000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4901
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4937
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3411726465.00002C000221C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159665249.0000309000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159645660.0000309000150000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5007
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5055
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5061
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5281
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5371
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5375
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5421
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5430
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159665249.0000309000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5535
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159665249.0000309000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5658
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159665249.0000309000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5750
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5881
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5901
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5906
Source: msedgewebview2.exe, 00000003.00000002.3415603398.00002C000285C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159665249.0000309000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6041
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6048
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6141
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6248
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6439
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6651
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6692
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159665249.0000309000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6755
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6860
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6876
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6878
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6929
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6953
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159665249.0000309000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159645660.0000309000150000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7036
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7047
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7172
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159665249.0000309000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7279
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3411726465.00002C000221C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159665249.0000309000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7370
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7406
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7488
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7553
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7556
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159665249.0000309000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159645660.0000309000150000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7724
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159665249.0000309000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159645660.0000309000150000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7760
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159665249.0000309000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7761
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8162
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8215
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8229
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159665249.0000309000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8280
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://bd.gy912.com
Source: msedgewebview2.exe, 00000003.00000003.2745985101.00002C0002440000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2746007975.00002C0003980000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417379313.00002C0002CC1000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000003.2761508694.00006BF8003B9000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000002.3405958724.00006BF80056C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000003.2761274826.00006BF80011C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://c.pki.goog/r/r1.crl0
Source: msedgewebview2.exe, 00000003.00000003.2745985101.00002C0002440000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2746007975.00002C0003980000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417379313.00002C0002CC1000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000003.2761508694.00006BF8003B9000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000003.2761274826.00006BF80011C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000002.3403381433.00006BF800128000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000002.3406031773.00006BF800578000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://c.pki.goog/wr2/oQ6nyr8F0m0.crl0
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://cdmg.yuchiweb.icu
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://click.dotmap.co.kr/?pf_code=
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://click.dotmap.co.kr/?pf_code=https://www.nate.com/?f=nateontb
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://df.edge.bdkj.bailiana.com
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://dongtaiwang.com/loc/phome.php?v=
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://dongtaiwang.com/loc/phome.php?v=odo
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2186144955.00001DA804E04000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2174892768.000001F9EF27D000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2183768362.00001DA801204000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2172301891.000001F9EEC64000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2183228346.000001F9EE8F3000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2181825939.00001DA800C04000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2187144066.00001DA803604000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2182649420.00001DA801804000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2171161245.000001F9EE955000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2181631464.00001DA800A04000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2190032090.00001DA802804000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2186119828.00001DA804604000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2185356169.00001DA803604000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2182162161.00001DA801004000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2170829527.000001F9EE292000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2178359166.000001F9EE298000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2184461849.00001DA801204000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2189983729.00002C0003C04000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2187153860.00002C0005404000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2189067706.00002C0004404000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2188071271.00002C0004C04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://engelschall.com)
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://game.whwuyan.cn
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://hao123.di178.com/?
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://hao123.di178.com/?r916
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://hao123kjedge.dh.softby.cn
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000000.2132297694.00007FF64C993000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: http://html4/loose.dtd
Source: msedgewebview2.exe, 00000003.00000003.2745985101.00002C0002440000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2746007975.00002C0003980000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417379313.00002C0002CC1000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000003.2761508694.00006BF8003B9000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000002.3405958724.00006BF80056C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000003.2761274826.00006BF80011C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://i.pki.goog/r1.crt0
Source: msedgewebview2.exe, 00000003.00000003.2745985101.00002C0002440000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2746007975.00002C0003980000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417379313.00002C0002CC1000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000003.2761508694.00006BF8003B9000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000003.2761274826.00006BF80011C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000002.3406031773.00006BF800578000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://i.pki.goog/wr2.crt0
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3419739409.00002C0003140000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3405903194.0000309000148000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406561487.00003090001F8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3405478388.0000309000108000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://issuetracker.google.com/200067929
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://jg.wangamela.com/tg
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000000.2132297694.00007FF64C993000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: http://localhost:3000/../out
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000000.2132297694.00007FF64C993000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: http://localhost:3000/../out-
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://mini.yyrtv.com/?from=
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://navi.anhuiyunci.com
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://navi.programmea.com
Source: msedgewebview2.exe, 00000003.00000003.2745985101.00002C0002440000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2746007975.00002C0003980000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417379313.00002C0002CC1000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000003.2761508694.00006BF8003B9000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000003.2761274826.00006BF80011C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000002.3406031773.00006BF800578000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://o.pki.goog/wr20%
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2186144955.00001DA804E04000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2174892768.000001F9EF27D000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2183768362.00001DA801204000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2172301891.000001F9EEC64000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2183228346.000001F9EE8F3000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2181825939.00001DA800C04000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2187144066.00001DA803604000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2182649420.00001DA801804000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2171161245.000001F9EE955000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2181631464.00001DA800A04000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2190032090.00001DA802804000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2186119828.00001DA804604000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2185356169.00001DA803604000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2182162161.00001DA801004000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2170829527.000001F9EE292000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2178359166.000001F9EE298000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2184461849.00001DA801204000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2189983729.00002C0003C04000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2187153860.00002C0005404000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2189067706.00002C0004404000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2188071271.00002C0004C04000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://opensource.org/licenses/MIT)
Source: msedgewebview2.exe, 00000003.00000002.3413561546.00002C00023E8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://permanently-removed.invalid/
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://r.emsoso.cn
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://r.emsoso.cna
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://r.jgxqebp.cn
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://service.whchenxiang.com
Source: msedgewebview2.exe, 00000003.00000002.3412224836.00002C00022D8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3420764652.00002C0003310000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tauri.loc
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2186144955.00001DA804E04000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2180161033.00001DA8006B8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2180749295.00001DA8003D8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2180908574.00001DA80064C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2180192951.00001DA800678000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2179552109.00001DA8003D8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2180514772.00001DA8006EC000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2183768362.00001DA801204000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2169968781.00001DA800378000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2179882766.00001DA80060C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2179552109.00001DA8003C8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2169789831.00001DA800390000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2180481137.00001DA8006DC000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2187144066.00001DA803604000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2180806003.00001DA80063C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2180553998.00001DA8006FE000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2179722838.00001DA80063C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2179818306.00001DA8003D8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2180460412.00001DA8006C4000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2180749295.00001DA8003C8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2179916640.00001DA8003D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tauri.localhost
Source: msedgewebview2.exe, 00000003.00000002.3420210061.00002C0003210000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3421034178.00002C0003684000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3418906701.00002C0002F6C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3420018355.00002C00031A0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3414292341.00002C00024CC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2258224822.00002C00037EC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3412268225.00002C00022E8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3418472073.00002C0002EAC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3421302449.00002C0003818000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2180436079.00002C0003304000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3419362814.00002C0003088000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3419784977.00002C000314C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3414242797.00002C00024AC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3411866630.00002C0002268000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3420582774.00002C00032D8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417665119.00002C0002D54000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417379313.00002C0002CC1000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2745875763.00002C00037EC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3421167456.00002C00037F0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tauri.localhost/
Source: msedgewebview2.exe, 00000003.00000002.3420210061.00002C0003210000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3420444644.00002C00032B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tauri.localhost//newsbar
Source: msedgewebview2.exe, 00000003.00000002.3421034178.00002C0003684000.00000004.00000800.00020000.00000000.sdmp, 000003.log0.3.drString found in binary or memory: http://tauri.localhost/0
Source: msedgewebview2.exe, 00000003.00000002.3417474961.00002C0002CF4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417379313.00002C0002CC1000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tauri.localhost/6
Source: msedgewebview2.exe, 00000003.00000002.3416982436.00002C0002C80000.00000004.00000800.00020000.00000000.sdmp, History.3.drString found in binary or memory: http://tauri.localhost/NextChat
Source: msedgewebview2.exe, 00000003.00000002.3418906701.00002C0002F6C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tauri.localhost/P
Source: msedgewebview2.exe, 00000003.00000002.3412049894.00002C00022B4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3418567766.00002C0002EC4000.00000004.00000800.00020000.00000000.sdmp, 69435b4a9b85732d_0.3.drString found in binary or memory: http://tauri.localhost/_next/static/chunks/01b72599-0f638b08586f3199.js
Source: msedgewebview2.exe, 00000003.00000002.3412224836.00002C00022D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tauri.localhost/_next/static/chunks/app/page-129540f74e5c8e9.js
Source: msedgewebview2.exe, 00000003.00000002.3416253548.00002C0002990000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3415603398.00002C000285C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000009.00000003.2209001421.00000A1400E60000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000009.00000003.2208976289.00000A1400E58000.00000004.00000800.00020000.00000000.sdmp, 0f4629ddf59494ce_0.3.drString found in binary or memory: http://tauri.localhost/_next/static/chunks/app/page-129540f794e5c8e9.js
Source: msedgewebview2.exe, 00000003.00000002.3420210061.00002C0003210000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tauri.localhost/erPolicyst/
Source: msedgewebview2.exe, 00000003.00000002.3420210061.00002C0003210000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3418906701.00002C0002F6C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2258224822.00002C00037EC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3420582774.00002C00032D8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2745875763.00002C00037EC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3421167456.00002C00037F0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2230768052.00002C00037E0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000009.00000003.2230680944.00000A1400A7C000.00000004.00000800.00020000.00000000.sdmp, Favicons.3.drString found in binary or memory: http://tauri.localhost/favicon.ico
Source: msedgewebview2.exe, 00000003.00000002.3420210061.00002C0003210000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3420582774.00002C00032D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tauri.localhost/favicon.ico8
Source: msedgewebview2.exe, 00000003.00000002.3418906701.00002C0002F6C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2258224822.00002C00037EC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3420582774.00002C00032D8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2745875763.00002C00037EC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3421167456.00002C00037F0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2230768052.00002C00037E0000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tauri.localhost/favicon.icoc
Source: msedgewebview2.exe, 00000003.00000002.3416843337.00002C0002C30000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tauri.localhost/ginOpenerPolicy
Source: msedgewebview2.exe, 00000003.00000002.3415603398.00002C000285C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tauri.localhost/idg
Source: msedgewebview2.exe, 00000003.00000002.3420210061.00002C0003210000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tauri.localhost/imple_watcher.cc
Source: msedgewebview2.exe, 00000003.00000002.3416982436.00002C0002C7D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tauri.localhost/lhost/NextChat
Source: msedgewebview2.exe, 00000003.00000002.3420764652.00002C0003310000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000002.3402281423.00006BF800070000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tauri.localhost/serviceWorker.js
Source: msedgewebview2.exe, 00000003.00000002.3420764652.00002C0003310000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tauri.localhost/serviceWorkerRegi
Source: msedgewebview2.exe, 00000003.00000002.3420210061.00002C0003210000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tauri.localhost/site.webmanifest
Source: msedgewebview2.exe, 00000003.00000002.3420210061.00002C0003210000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tauri.localhost/site.webmanifesti
Source: msedgewebview2.exe, 00000003.00000002.3412049894.00002C00022B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tauri.localhost/t/prompts.json
Source: msedgewebview2.exe, 00000003.00000002.3420630640.00002C00032E8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3421034178.00002C0003684000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3405012234.0000020EB1460000.00000002.00000001.00040000.00000038.sdmp, QuotaManager.3.drString found in binary or memory: http://tauri.localhost/tauri.localhost_default
Source: msedgewebview2.exe, 00000003.00000002.3420630640.00002C00032E8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3421034178.00002C0003684000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3405012234.0000020EB1460000.00000002.00000001.00040000.00000038.sdmp, QuotaManager.3.drString found in binary or memory: http://tauri.localhost/tauri.localhost_default/
Source: msedgewebview2.exe, 00000003.00000002.3416027583.00002C0002934000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tauri.localhost:80
Source: msedgewebview2.exe, 00000003.00000002.3412224836.00002C00022D8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3420764652.00002C0003310000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://tauri.loclhost
Source: msedgewebview2.exe, 00000003.00000002.3418425879.00002C0002E9C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://unisolated.invalid/
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://vi.liveen.vn/p/home.html
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://web.113989.com/?
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://web.503188.com/?
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.4399.com/flash/32979.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.4399.com/flash/48399.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.4399.com/flash/seer.htm
Source: msedgewebview2.exe, 00000003.00000002.3415603398.00002C000285C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.chambersign.org1
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.dinoklafbzor.org
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.hao123.com.11818wz.com/?e
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://xt.tiantianbannixue.com
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3413388014.00002C00023B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://zn728.tdg68.com
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://123.sogou.com/?
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://360.qrfq25sg.xyz
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3413388014.00002C00023B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://656a.com
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/4830
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/4966
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/5845
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/6574
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7161
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7162
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159665249.0000309000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7246
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7308
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3415603398.00002C000285C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159665249.0000309000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7319
Source: msedgewebview2.exe, 00000003.00000002.3415603398.00002C000285C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7319ate
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7320
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7369
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7382
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7489
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7604
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7714
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7847
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7899
Source: msedgewebview2.exe, 00000003.00000002.3417205706.00002C0002C9F000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3420630640.00002C00032E8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2287184276.00002C0003154000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3421078017.00002C0003697000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3418183368.00002C0002E2C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3413431214.00002C00023C5000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3415657700.00002C0002894000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3420676288.00002C00032F8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3418567766.00002C0002EC4000.00000004.00000800.00020000.00000000.sdmp, 000003.log.3.dr, data_2.7.drString found in binary or memory: https://api.openai.com
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ausu.lol
Source: msedgewebview2.exe, 00000003.00000002.3413646623.00002C000240C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://azureedge.net/
Source: msedgewebview2.exe, 00000003.00000002.3414601625.00002C00025D4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://baduk.hangame.com/?utm_source=baduk&utm_medium=icon&utm_campaign=shortcut
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://browser.360.cn/saas/index.html
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://browser.cloud.huawei.com.cn/pc
Source: msedgewebview2.exe, 00000003.00000002.3413561546.00002C00023E8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://cdn.designerapp.osi.office.net/
Source: msedgewebview2.exe, 00000003.00000002.3413561546.00002C00023E8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://cdn.edog.designerapp.osi.office.net/
Source: msedgewebview2.exe, 00000003.00000002.3413561546.00002C00023E8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://cdn.int.designerapp.osi.office.net/
Source: msedgewebview2.exe, 00000003.00000002.3413931781.00002C0002450000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chromereporting-pa.googleapis.com/v1/record
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://code.51.com
Source: msedgewebview2.exe, 00000003.00000002.3420630640.00002C00032E8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000003.2204868772.00006BF8002C8000.00000004.00000800.00020000.00000000.sdmp, data_3.7.drString found in binary or memory: https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://daohang.96zxue.com
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://de.withtls.net
Source: msedgewebview2.exe, 00000003.00000002.3413561546.00002C00023E8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://designerapp-dogfood.azurewebsites.net/
Source: msedgewebview2.exe, 00000003.00000002.3413561546.00002C00023E8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://designerapp-int.azurewebsites.net/
Source: msedgewebview2.exe, 00000003.00000002.3413561546.00002C00023E8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://designerapp.azurewebsites.net/
Source: msedgewebview2.exe, 00000003.00000002.3413561546.00002C00023E8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://designerapp.azurewebsites.net/https://designerapp-dogfood.azurewebsites.net/
Source: msedgewebview2.exe, 00000003.00000002.3413561546.00002C00023E8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://designerapp.azurewebsites.net/net//
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://dev.tg.wan.360.cn/?
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://discovery.lenovo.com.cn/home
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://discovery.lenovo.com.cn/home062291
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000000.2132297694.00007FF64C993000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: https://docs.rs/getrandom#nodejs-es-module-support
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000000.2132297694.00007FF64C993000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: https://docs.rs/tauri/1/tauri/scope/struct.IpcScope.html#method.configure_remote_access
Source: msedgewebview2.exe, 00000003.00000002.3420630640.00002C00032E8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2287184276.00002C0003154000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3413431214.00002C00023C5000.00000004.00000800.00020000.00000000.sdmp, 000003.log.3.dr, data_2.7.drString found in binary or memory: https://export.arxiv.org
Source: msedgewebview2.exe, 00000003.00000003.2250022424.00002C00036DC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2230955381.00002C0003778000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2258132863.00002C0003710000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000009.00000003.2228212150.000004E400381000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000009.00000003.2244126132.00000A1402C50000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000009.00000003.2245096025.00000A1402A44000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://expressjs.com
Source: msedgewebview2.exe, 00000003.00000003.2250022424.00002C00036DC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2230955381.00002C0003778000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2258132863.00002C0003710000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000009.00000003.2228212150.000004E400381000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000009.00000003.2244126132.00000A1402C50000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000009.00000003.2245096025.00000A1402A44000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://expressjs.com/)
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2186144955.00001DA804E04000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2174892768.000001F9EF27D000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2183768362.00001DA801204000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2172301891.000001F9EEC64000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2183228346.000001F9EE8F3000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2187144066.00001DA803604000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2182649420.00001DA801804000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2190032090.00001DA802804000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2186119828.00001DA804604000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2185356169.00001DA803604000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2182162161.00001DA801004000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2173938831.000001F9EE427000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2178359166.000001F9EE298000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2184461849.00001DA801204000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2189983729.00002C0003C04000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2187153860.00002C0005404000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2189067706.00002C0004404000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2188071271.00002C0004C04000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2186170996.00002C0003404000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000009.00000003.2220344746.00000A1401004000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000009.00000003.2187637904.00000A1403004000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://feross.org
Source: msedgewebview2.exe, 00000003.00000002.3412889851.00002C0002368000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000002.3402197250.00006BF800060000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000002.3402588216.00006BF8000AC000.00000004.00000800.00020000.00000000.sdmp, data_1.7.drString found in binary or memory: https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://gamebox.160.com/static
Source: msedgewebview2.exe, 00000003.00000003.2287184276.00002C0003154000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3421078017.00002C0003697000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3413431214.00002C00023C5000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3421391233.00002C000383F000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3415657700.00002C0002894000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3418567766.00002C0002EC4000.00000004.00000800.00020000.00000000.sdmp, 000003.log.3.dr, data_1.7.drString found in binary or memory: https://ghp.ci/https://raw.githubusercontent.com/ChatGPTNextWeb/NextChat-Awesome-Plugins/main/plugin
Source: msedgewebview2.exe, 00000003.00000003.2230768052.00002C00037AC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2250022424.00002C00036DC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2230955381.00002C0003778000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2258132863.00002C0003710000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000009.00000003.2228212150.000004E400381000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000009.00000003.2244126132.00000A1402C50000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000009.00000003.2245096025.00000A1402A44000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/0x170)
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000000.2132297694.00007FF64C993000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: https://github.com/ChatGPTNextWeb/ChatGPT-Next-Web/releases/latest/download/latest.jsonsrc/main.rs
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2180161033.00001DA8006B8000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2180192951.00001DA800678000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2180276995.00001DA80066C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2180241433.00001DA800684000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2180301296.00001DA8006D0000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2180104486.00001DA8006C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2190822674.00002C0002984000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2183686260.00002C00033A0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2182499582.00002C00033AC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2190948637.00002C00028D4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000009.00000003.2184182712.00000A14007DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/enkia/tokyo-night-vscode-theme
Source: msedgewebview2.exe, 00000003.00000003.2230768052.00002C00037AC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2250022424.00002C00036DC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2230955381.00002C0003778000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2258132863.00002C0003710000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000009.00000003.2228212150.000004E400381000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000009.00000003.2244126132.00000A1402C50000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000009.00000003.2245096025.00000A1402A44000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/moniang)
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000000.2132297694.00007FF64C993000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: https://github.com/rust-windowing/tao
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000000.2132297694.00007FF64C993000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: https://github.com/rust-windowing/taoC:
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000000.2132297694.00007FF64C993000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: https://github.com/rust-windowing/taoe
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2133966761.000001F9EA7E6000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2134162389.000001F9EA78F000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2134127139.000001F9EA78F000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2133966761.000001F9EA80F000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2168633145.00001DA800334000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2168783489.00001DA800328000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2134127139.000001F9EA770000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2168938113.00001DA80034C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2168703488.00001DA800340000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2133966761.000001F9EA7FA000.00000004.00000020.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2168905040.00001DA80031C000.00000004.00000800.00020000.00000000.sdmp, SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000000.2132297694.00007FF64C993000.00000002.00000001.01000000.00000003.sdmp, msedgewebview2.exe, 00000003.00000003.2274860187.00002C000322C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2177026941.00002C000325C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2169395338.00002C0003244000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2169048627.00002C0003268000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3420210061.00002C0003210000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2169196203.00002C0003280000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2169644453.00002C00027CC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2170165013.00002C0003220000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3420304413.00002C0003250000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/tauri-apps/tauri/issues/2549#issuecomment-1250036908
Source: msedgewebview2.exe, 00000003.00000002.3413646623.00002C000240C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google.com/
Source: msedgewebview2.exe, 00000003.00000002.3413646623.00002C000240C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google.com/ng
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://h5.mcetab.com
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://hao.qq.com/?unc=
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://hao.qq.com/?unc=Af31026&s=o400493_1
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://hk.eynbm.com
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://hlj04.com
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ilive.lenovo.com.cn/?f=
Source: msedgewebview2.exe, 00000003.00000003.2227226990.00002C00036C8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2228455675.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2227969855.00002C00036B4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000009.00000003.2243775043.00000A1402C0C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000009.00000003.2226533436.000004E400381000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000009.00000003.2243775043.00000A1402C34000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://image.pollinations.ai/prompt/
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://internet-start.net/?
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3419739409.00002C0003140000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3405903194.0000309000148000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406561487.00003090001F8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3405478388.0000309000108000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/161903006
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3419739409.00002C0003140000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406561487.00003090001F8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3405478388.0000309000108000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/166809097
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3419739409.00002C0003140000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3405903194.0000309000148000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406561487.00003090001F8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3405478388.0000309000108000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/184850002
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3419739409.00002C0003140000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406561487.00003090001F8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3405478388.0000309000108000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/187425444
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3419739409.00002C0003140000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159665249.0000309000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3405903194.0000309000148000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406561487.00003090001F8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/220069903
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3419739409.00002C0003140000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3405903194.0000309000148000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406561487.00003090001F8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3405478388.0000309000108000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/229267970
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3419739409.00002C0003140000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406561487.00003090001F8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3405478388.0000309000108000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/250706693
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3419739409.00002C0003140000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3405903194.0000309000148000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406561487.00003090001F8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3405478388.0000309000108000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/253522366
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3419739409.00002C0003140000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159665249.0000309000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3405903194.0000309000148000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406561487.00003090001F8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/255411748
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3419739409.00002C0003140000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3405903194.0000309000148000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406561487.00003090001F8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/258207403
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3419739409.00002C0003140000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3405903194.0000309000148000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406561487.00003090001F8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3405478388.0000309000108000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/274859104
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3419739409.00002C0003140000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406561487.00003090001F8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3405478388.0000309000108000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/284462263
Source: msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3419601238.00002C0003110000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159665249.0000309000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404201605.000030900001C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/issues/166475273
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://jg.awaliwa.com
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://jianjie.2345.com
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://kf.07073.com
Source: msedgewebview2.exe, 00000003.00000002.3413931781.00002C0002450000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login-us.microsoftonline.com/
Source: msedgewebview2.exe, 00000003.00000002.3413931781.00002C0002450000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.chinacloudapi.cn/
Source: msedgewebview2.exe, 00000003.00000002.3413931781.00002C0002450000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.cloudgovapi.us/
Source: msedgewebview2.exe, 00000003.00000002.3401362335.0000020EA9AE8000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2294391090.0000020EA9AF9000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3403380422.0000020EAEA02000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3414242797.00002C00024AC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.live.com
Source: msedgewebview2.exe, 00000003.00000002.3401362335.0000020EA9AE8000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2294391090.0000020EA9AF9000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000002.3401728676.00006BF80000C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.live.com/
Source: msedgewebview2.exe, 00000003.00000002.3413931781.00002C0002450000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.microsoft-ppe.com/
Source: msedgewebview2.exe, 00000003.00000002.3413931781.00002C0002450000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.microsoftonline.com/
Source: msedgewebview2.exe, 00000003.00000002.3413931781.00002C0002450000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.microsoftonline.de/
Source: msedgewebview2.exe, 00000003.00000002.3413931781.00002C0002450000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.microsoftonline.us/
Source: msedgewebview2.exe, 00000003.00000002.3413931781.00002C0002450000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.usgovcloudapi.net/
Source: msedgewebview2.exe, 00000003.00000002.3413931781.00002C0002450000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.windows-ppe.net/
Source: msedgewebview2.exe, 00000003.00000002.3402468856.0000020EAB91F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.windows.net
Source: msedgewebview2.exe, 00000003.00000002.3413931781.00002C0002450000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3402468856.0000020EAB91F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://login.windows.net/
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3413388014.00002C00023B8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lx.pub
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lx.pub/
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://lx.pub/P
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://mini.eastday.com/?qid=04433&rfstyle=qt
Source: msedgewebview2.exe, 00000003.00000002.3413646623.00002C000240C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://msn.cn/
Source: msedgewebview2.exe, 00000003.00000002.3413646623.00002C000240C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://msn.com/
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://news.4399.com/aoyazhiguang/
Source: msedgewebview2.exe, 00000003.00000002.3420764652.00002C0003310000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3411824501.00002C000225C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://nextchat.dev/
Source: msedgewebview2.exe, 00000003.00000002.3420764652.00002C0003310000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3411824501.00002C000225C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://nextchat.dev/(
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ntp.msn.cn/edge/ntp
Source: msedgewebview2.exe, 00000003.00000002.3413646623.00002C000240C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://office.net/
Source: msedgewebview2.exe, 00000003.00000002.3416889048.00002C0002C40000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3413561546.00002C00023E8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3413296983.00002C0002398000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3411726465.00002C000221C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000002.3403701878.00006BF80017C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/
Source: msedgewebview2.exe, 00000003.00000002.3415845419.00002C00028F4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/GetCheckConnectionInfo?source=ChromiumBrowser
Source: msedgewebview2.exe, 00000003.00000002.3416253548.00002C0002990000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/Logout?source=ChromiumBrowser&continue=https://permanently-remov
Source: msedgewebview2.exe, 00000003.00000002.3413931781.00002C0002450000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/devicemanagement/data/api
Source: msedgewebview2.exe, 00000003.00000002.3412049894.00002C00022B4000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/encryption/unlock/desktop?kdi=CAIaDgoKY2hyb21lc3luYxAB
Source: msedgewebview2.exe, 00000003.00000002.3414940170.00002C00026D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/v1:GetHints
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://redian.mnjunshi.com/?qid=tpnews
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://redian.mnjunshi.com/?qid=tpnewsy_pcuni
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://so.lenovo.com.cn
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://start.jword.jp/?fr=slc
Source: msedgewebview2.exe, 00000003.00000002.3413931781.00002C0002450000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://sts.windows-ppe.net/
Source: msedgewebview2.exe, 00000003.00000002.3413931781.00002C0002450000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://sts.windows.net/
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000000.2132297694.00007FF64C993000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: https://tauri.app/docs/api/config#tauri.allowlist)
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000000.2132297694.00007FF64C993000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: https://tauri.app/docs/api/config#tauri.allowlist)C:
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000000.2132297694.00007FF64C993000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: https://tauri.app/docs/api/config#tauri.allowlist)CommandPath
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000000.2132297694.00007FF64C993000.00000002.00000001.01000000.00000003.sdmpString found in binary or memory: https://tauri.app/v1/api/config/#securityconfig.dangerousremotedomainipcaccess
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tg.602.com
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tg.602.coma
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tj.xyhvip.cn
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://tp.9377s.com
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2178881960.000001F9EC337000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2191926444.00002C0003304000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://va.vercel-scripts.com/v1/speed-insights
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://web.sogou.com/?
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3411866630.00002C0002268000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.2345.com/?
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/100030_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/10305_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/10379.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/10379_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/107884_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/109832_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/110975_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/112689_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/115339_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/117227_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/117945_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/118852_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/122099_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/12669_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/127539_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/130389_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/130396.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/130396_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/132028.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/133630_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/134302_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/136516_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/137116_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/137953_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/1382_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/1382_2.htmhttps://www.4399.com/flash/137953_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/145991_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/151915_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/155283_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/155476_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/15548_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/160944_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/163478_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/171322_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/173634_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/177937_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/17801_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/18012.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/18012_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/180977_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/18169_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/187040_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/187228_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/188593.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/188739_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/189558_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/191203_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/195673_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/195990_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/198491_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/198637_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/198660_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/199408_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/202061_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/202574_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/202604_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/202692_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/202724_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/202785.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/202819_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/202828_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/202901_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/202907_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/202911_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203018_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203093_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203152.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203153_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203154.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203166_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203178_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203215_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203231_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203369_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203371_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203404_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203453_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203476_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203481_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203495_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203515_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203564_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203682_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/203768_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204044_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204056_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204206.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204255_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204290_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204422_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204422_4.htmhttps://www.4399.com/flash/204290_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204429_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204562_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204650_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204685_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204886_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204926_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204952_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/204989_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/205090_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/205147.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/205165.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/205182.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/205235_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/205325_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/205341_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/205462_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/205536_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/205551_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/205845_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/206114_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/20660_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/206724_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/207195_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/207717_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/208107_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/209567_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/210650_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/212767_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/21552_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/216417_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/21674_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/217370_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/217603_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/217622_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/217629_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/217706_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/217815_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/217844_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/217855_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/217926_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/218066_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/218162_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/218717_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/218860_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/218939_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/220266_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/221162_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/221700_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/221839_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/222061_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/222151_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/222442_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/22287_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/223745.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/223745_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/225193_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/227465_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/230446_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/231814_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/27924.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/27924_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/32979_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/35538.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/35538_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/3881_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/3883_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/39379_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/40779_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/41193_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/42760_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/43689_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/43841_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/47931_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/48272_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/48504.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/48504_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/55146_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/59227_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/60369_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/6232_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/63805_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/65731_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/69112_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/69156_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/70215_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/72526_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/73386.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/776_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/79452_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/81895_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/83345_4.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/85646_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/87425_2.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/88902_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/90302_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/93015_1.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/93398_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/93551_3.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/yzzrhj.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.4399.com/flash/zmhj.htm
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.91duba.com/?
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.91duba.com/?f=
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.baidu.com/?tn=
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.baidu.com/s?tn=15007414_9_dg&wd=
Source: msedgewebview2.exe, 00000003.00000002.3412311612.00002C00022F8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.catcert.net/verarrel
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.douyin.com/?ug_source=
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.flash.cn/success
Source: msedgewebview2.exe, 00000003.00000002.3422423257.00002C0003964000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google-analytics.com/g/collect?v=2&tid=G-89WN60ZK2E&gtm=45je4au0v9193277674za200&_p=1730
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000003.2169665007.00001DA800358000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3414601625.00002C00025D4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000002.3405393420.00006BF8002DC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000009.00000003.2187555488.00000A1400AD4000.00000004.00000800.00020000.00000000.sdmp, 7bcf9775628cdf6e_0.3.dr, data_1.7.drString found in binary or memory: https://www.googletagmanager.com/gtag/js?id=G-89WN60ZK2E
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.hao123.com/?tn=
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.iduba.com/sv.html?f=
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.jiegeng.com
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.nate.com/?f=nateontb
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.newduba.cn/?
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.newduba.cn/?f=
Source: msedgewebview2.exe, 00000003.00000002.3417205706.00002C0002C9F000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3420018355.00002C00031A0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, Top Sites.3.drString found in binary or memory: https://www.office.com/
Source: msedgewebview2.exe, 00000003.00000002.3417205706.00002C0002C9F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.office.com/OfficeeEATE
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.so.com/?src=
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3414986156.00002C00026EC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.sogou.com/web?ie=
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.startfenster.de
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.startseite24.net
Source: msedgewebview2.exe, 00000003.00000002.3402468856.0000020EAB91F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://xsts.auth.xboxlive.com
Source: msedgewebview2.exe, 00000003.00000002.3402468856.0000020EAB91F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://xsts.auth.xboxlive.com/
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://yxtg.3zwx.cn/tg/ttfc.html?sc=
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://yxtg.flamebird.cn/tg/ttfc.html?sc=
Source: msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://yxtg.taojike.com.cn/tg/ttfc.html?sc=
Source: msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://zum.com/?af=
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49743
Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49787
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50017
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49741
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49763
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49762
Source: unknownNetwork traffic detected: HTTP traffic on port 50011 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50017 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49741 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50012
Source: unknownNetwork traffic detected: HTTP traffic on port 49787 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50011
Source: unknownNetwork traffic detected: HTTP traffic on port 49729 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49743 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49762 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50016
Source: unknownNetwork traffic detected: HTTP traffic on port 49719 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49719
Source: unknownNetwork traffic detected: HTTP traffic on port 49715 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49715
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49755
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49754
Source: unknownNetwork traffic detected: HTTP traffic on port 50012 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 50016 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49726 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49728 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49763 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49729
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49728
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49726
Source: unknownNetwork traffic detected: HTTP traffic on port 49754 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.6:49715 version: TLS 1.2
Source: unknownHTTPS traffic detected: 140.82.121.4:443 -> 192.168.2.6:49719 version: TLS 1.2
Source: unknownHTTPS traffic detected: 185.199.111.133:443 -> 192.168.2.6:49726 version: TLS 1.2
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000000.2132297694.00007FF64C993000.00000002.00000001.01000000.00000003.sdmpBinary or memory string: RegisterRawInputDevicesmemstr_1b40358b-b
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeBinary string: \Device\Afd\Mio
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeBinary string: Failed to open \Device\Afd\Mio:
Source: classification engineClassification label: mal52.mine.winEXE@14/172@10/9
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeFile created: C:\Users\user\AppData\Local\com.yida.chatgpt.next.webJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeMutant created: NULL
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile created: C:\Users\user\AppData\Local\Temp\cc97a341-d666-4153-89ab-0faec6beaa65.tmpJump to behavior
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeStatic PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeKey opened: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiersJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile read: C:\Windows\System32\drivers\etc\hostsJump to behavior
Source: msedgewebview2.exe, 00000003.00000002.3416253548.00002C0002990000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT id, storage_key, type, name, expiration, quota, persistent, durability FROM buckets WHERE storage_key = ? AND type = ? AND name = ?);
Source: msedgewebview2.exe, 00000003.00000002.3419829574.00002C000315C000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: SELECT value FROM meta WHERE key=?;;;
Source: msedgewebview2.exe, 00000003.00000002.3403278913.0000020EAE9F5000.00000002.00000001.00040000.0000001E.sdmp, Login Data.3.drBinary or memory string: CREATE TABLE password_notes (id INTEGER PRIMARY KEY AUTOINCREMENT, parent_id INTEGER NOT NULL REFERENCES logins ON UPDATE CASCADE ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED, key VARCHAR NOT NULL, value BLOB, date_created INTEGER NOT NULL, confidential INTEGER, UNIQUE (parent_id, key));
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeReversingLabs: Detection: 18%
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeString found in binary or memory: -installI
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeString found in binary or memory: tauri://update-availabletauri://update-install
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeString found in binary or memory: 9tauri://update-availabletauri://update-install
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeString found in binary or memory: overflow:hidden;img src="http://addEventListenerresponsible for s.js"></script>
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeString found in binary or memory: /load_hpack; header malformed -- pseudo not at head of block`
Source: unknownProcess created: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe "C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe"
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe --webview-exe-version=2.15.6 --user-data-dir="C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --disable-features=msWebOOUI,msPdfOOUI,msSmartScreenProtection --enable-features=MojoIpcz --lang=en-GB --mojo-named-platform-channel-pipe=7096.7040.2643601424697135273
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=117.0.2045.47 --initial-client-data=0x15c,0x160,0x164,0x138,0x16c,0x7ffd93e68e88,0x7ffd93e68e98,0x7ffd93e68ea8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView" --webview-exe-name=SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe --webview-exe-version=2.15.6 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1816 --field-trial-handle=1824,i,12653778705746408830,16272959441275438957,262144 --enable-features=MojoIpcz --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView" --webview-exe-name=SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe --webview-exe-version=2.15.6 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2172 --field-trial-handle=1824,i,12653778705746408830,16272959441275438957,262144 --enable-features=MojoIpcz --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI /prefetch:3
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView" --webview-exe-name=SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe --webview-exe-version=2.15.6 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2940 --field-trial-handle=1824,i,12653778705746408830,16272959441275438957,262144 --enable-features=MojoIpcz --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI /prefetch:8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView" --webview-exe-name=SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe --webview-exe-version=2.15.6 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --disable-nacl --first-renderer-process --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_CH" --time-ticks-at-unix-epoch=-1730545340699955 --launch-time-ticks=7363961088 --mojo-platform-channel-handle=3484 --field-trial-handle=1824,i,12653778705746408830,16272959441275438957,262144 --enable-features=MojoIpcz --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI /prefetch:1
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView" --webview-exe-name=SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe --webview-exe-version=2.15.6 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=744 --field-trial-handle=1824,i,12653778705746408830,16272959441275438957,262144 --enable-features=MojoIpcz --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=117.0.2045.47 --initial-client-data=0x15c,0x160,0x164,0x138,0x16c,0x7ffd93e68e88,0x7ffd93e68e98,0x7ffd93e68ea8Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView" --webview-exe-name=SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe --webview-exe-version=2.15.6 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1816 --field-trial-handle=1824,i,12653778705746408830,16272959441275438957,262144 --enable-features=MojoIpcz --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI /prefetch:2Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView" --webview-exe-name=SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe --webview-exe-version=2.15.6 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2172 --field-trial-handle=1824,i,12653778705746408830,16272959441275438957,262144 --enable-features=MojoIpcz --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI /prefetch:3Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView" --webview-exe-name=SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe --webview-exe-version=2.15.6 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2940 --field-trial-handle=1824,i,12653778705746408830,16272959441275438957,262144 --enable-features=MojoIpcz --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI /prefetch:8Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView" --webview-exe-name=SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe --webview-exe-version=2.15.6 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --disable-nacl --first-renderer-process --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_CH" --time-ticks-at-unix-epoch=-1730545340699955 --launch-time-ticks=7363961088 --mojo-platform-channel-handle=3484 --field-trial-handle=1824,i,12653778705746408830,16272959441275438957,262144 --enable-features=MojoIpcz --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI /prefetch:1Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView" --webview-exe-name=SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe --webview-exe-version=2.15.6 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=744 --field-trial-handle=1824,i,12653778705746408830,16272959441275438957,262144 --enable-features=MojoIpcz --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI /prefetch:2Jump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: apphelp.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: dwmapi.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: secur32.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: wldp.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: explorerframe.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: textinputframework.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: coreuicomponents.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: dataexchange.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: d3d11.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: dcomp.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: dxgi.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: twinapi.appcore.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: version.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: propsys.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: edputil.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: profapi.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: dbghelp.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: twinapi.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: mswsock.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: dnsapi.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: rasadhlp.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: fwpuclnt.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: schannel.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: mskeyprotect.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: ntasn1.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: ncrypt.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: ncryptsslp.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: rsaenh.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: gpapi.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeSection loaded: cryptnet.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: version.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: windows.system.profile.platformdiagnosticsandusagedatasettings.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: policymanager.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: msvcp110_win.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: winmm.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: kbdus.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: windows.system.profile.platformdiagnosticsandusagedatasettings.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: policymanager.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: msvcp110_win.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: userenv.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: gpapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: netutils.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: mdmregistration.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: mdmregistration.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: msvcp110_win.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: omadmapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: powrprof.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dmcmnutils.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: iri.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: umpdc.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dsreg.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: msvcp110_win.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: profapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: powrprof.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: umpdc.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dwrite.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dpapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: nlaapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dhcpcsvc6.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dhcpcsvc.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dnsapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: textinputframework.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: coreuicomponents.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: wldp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: windows.ui.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: windowmanagementapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: inputhost.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: twinapi.appcore.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: twinapi.appcore.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: propsys.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: profapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: wtsapi32.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: mscms.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: coloradapterclient.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: winsta.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: windows.security.authentication.web.core.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: devobj.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: onecorecommonproxystub.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: rsaenh.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dataexchange.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: d3d11.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dcomp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dxgi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: uiautomationcore.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: atlthunk.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: oleacc.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: directmanipulation.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dxgi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: resourcepolicyclient.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: mf.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: mfplat.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: rtworkq.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: hevcdecoder.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dolbydecmft.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: mfperfhelper.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dwmapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: d3d11.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: d3d10warp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dxcore.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dcomp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dbghelp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dwrite.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: policymanager.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: msvcp110_win.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: wldp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: vaultcli.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: windows.web.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: microsoftaccountwamextension.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: aadwamextension.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dwritecore.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: hevcdecoder.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: tenantrestrictionsplugin.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: netprofm.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: npmproxy.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: windows.system.userprofile.diagnosticssettings.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: wevtapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: secur32.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dbghelp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: windows.system.diagnostics.telemetry.platformtelemetryclient.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: bitsproxy.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: winmm.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: winmm.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dhcpcsvc6.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dhcpcsvc.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dnsapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: nlaapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: mswsock.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: rasadhlp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: ncrypt.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: ntasn1.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: ncryptprov.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: profapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: winmm.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: winmm.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: winmm.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: wldp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: profapi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dxgi.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: resourcepolicyclient.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: d3d11.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: d3d11.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dxcore.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: mf.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: mfplat.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: rtworkq.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: hevcdecoder.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dolbydecmft.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: mfperfhelper.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: d3d12.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: d3d12.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: d3d12core.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: d3d10warp.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: dxilconv.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: d3dscache.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: userenv.dllJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeSection loaded: twinapi.appcore.dllJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{56FDF344-FD6D-11d0-958A-006097C9A090}\InProcServer32Jump to behavior
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeStatic PE information: Virtual size of .text is bigger than: 0x100000
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeStatic PE information: Image base 0x140000000 > 0x60000000
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeStatic file information: File size 12247040 > 1048576
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeStatic PE information: Raw size of .text is bigger than: 0x100000 < 0x5b1200
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeStatic PE information: Raw size of .rdata is bigger than: 0x100000 < 0x590400
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IMPORT
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_RESOURCE
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_BASERELOC
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_IAT
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeStatic PE information: HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeStatic PE information: data directory type: IMAGE_DIRECTORY_ENTRY_DEBUG
Source: Binary string: nextchat.pdb source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IMPORT is in: .rdata
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_RESOURCE is in: .rsrc
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_BASERELOC is in: .reloc
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG is in: .rdata
Source: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeStatic PE information: Data directory: IMAGE_DIRECTORY_ENTRY_IAT is in: .rdata
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\AutoUpdateJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRootJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeRegistry key monitored for changes: HKEY_CURRENT_USER_ClassesJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\ROOTJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeRegistry key monitored for changes: HKEY_CURRENT_USER_ClassesJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeRegistry key monitored for changes: HKEY_CURRENT_USER_ClassesJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOXJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeKey opened: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts\d0010809Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile Volume queried: C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Code Cache\wasm FullSizeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile Volume queried: C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Code Cache\js FullSizeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile Volume queried: C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default FullSizeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile Volume queried: C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default FullSizeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile Volume queried: C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default FullSizeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile Volume queried: C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Service Worker\ScriptCache FullSizeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile Volume queried: C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\blob_storage\8502c232-be8f-4514-8cdf-44c8b6ca6a6a FullSizeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile Volume queried: C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Cache\Cache_Data FullSizeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile Volume queried: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47 FullSizeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile Volume queried: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47 FullSizeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile Volume queried: C:\Users\user\AppData\Local\Temp FullSizeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile Volume queried: C:\Users\user\AppData\Local\Temp FullSizeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile Volume queried: C:\Users\user FullSizeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile Volume queried: C:\Users\user FullSizeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile opened: C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Network\SCT Auditing Pending ReportsJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile opened: C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile opened: C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Network\b5bde39b-ed49-4d54-997b-d4680e0f9957.tmpJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile opened: C:\Users\user\Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile opened: C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeFile opened: C:\Users\user\AppData\Jump to behavior
Source: msedgewebview2.exe, 00000003.00000002.3417754188.00002C0002D74000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: VMware
Source: msedgewebview2.exe, 00000003.00000002.3419969173.00002C000318C000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: VMware Virtual USB Mouse
Source: msedgewebview2.exe, 00000003.00000002.3412311612.00002C00022F8000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: USB device added: path=\\?\usb#vid_0e0f&pid_0003#5&2dda038&0&5#{a5dcbf10-6530-11d2-901f-00c04fb951ed} vendor=3599 "VMware", product=3 "VMware Virtual USB Mouse", serial="", driver="usbccgp", guid=3df908ef-9ae1-465d-991c-b4a6583dc6ec
Source: msedgewebview2.exe, 00000003.00000002.3400684202.0000020EA9A45000.00000004.00000020.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000002.3393319432.000001FB6764B000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess information queried: ProcessInformationJump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeMemory allocated: page read and write | page guardJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=117.0.2045.47 --initial-client-data=0x15c,0x160,0x164,0x138,0x16c,0x7ffd93e68e88,0x7ffd93e68e98,0x7ffd93e68ea8Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView" --webview-exe-name=SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe --webview-exe-version=2.15.6 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1816 --field-trial-handle=1824,i,12653778705746408830,16272959441275438957,262144 --enable-features=MojoIpcz --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI /prefetch:2Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView" --webview-exe-name=SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe --webview-exe-version=2.15.6 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2172 --field-trial-handle=1824,i,12653778705746408830,16272959441275438957,262144 --enable-features=MojoIpcz --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI /prefetch:3Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView" --webview-exe-name=SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe --webview-exe-version=2.15.6 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2940 --field-trial-handle=1824,i,12653778705746408830,16272959441275438957,262144 --enable-features=MojoIpcz --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI /prefetch:8Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView" --webview-exe-name=SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe --webview-exe-version=2.15.6 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --disable-nacl --first-renderer-process --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_CH" --time-ticks-at-unix-epoch=-1730545340699955 --launch-time-ticks=7363961088 --mojo-platform-channel-handle=3484 --field-trial-handle=1824,i,12653778705746408830,16272959441275438957,262144 --enable-features=MojoIpcz --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI /prefetch:1Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView" --webview-exe-name=SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe --webview-exe-version=2.15.6 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=744 --field-trial-handle=1824,i,12653778705746408830,16272959441275438957,262144 --enable-features=MojoIpcz --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI /prefetch:2Jump to behavior
Source: C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=securiteinfo.com.trojan.generickd.74442994.24259.8937.exe --webview-exe-version=2.15.6 --user-data-dir="c:\users\user\appdata\local\com.yida.chatgpt.next.web\ebwebview" --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --disable-features=mswebooui,mspdfooui,mssmartscreenprotection --enable-features=mojoipcz --lang=en-gb --mojo-named-platform-channel-pipe=7096.7040.2643601424697135273
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=c:\users\user\appdata\local\com.yida.chatgpt.next.web\ebwebview /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=c:\users\user\appdata\local\com.yida.chatgpt.next.web\ebwebview\crashpad --annotation=isofficialbuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=win64 "--annotation=prod=edge webview2" --annotation=ver=117.0.2045.47 --initial-client-data=0x15c,0x160,0x164,0x138,0x16c,0x7ffd93e68e88,0x7ffd93e68e98,0x7ffd93e68ea8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="c:\users\user\appdata\local\com.yida.chatgpt.next.web\ebwebview" --webview-exe-name=securiteinfo.com.trojan.generickd.74442994.24259.8937.exe --webview-exe-version=2.15.6 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=waaaaaaaaadgaaamaaaaaaaaaaaaaaaaaabgaaaaaaa4aaaaaaaaaaaaaaaeaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaagaaaaaaaaaayaaaaaaaaaagaaaaaaaaacaaaaaaaaaaiaaaaaaaaaa== --mojo-platform-channel-handle=1816 --field-trial-handle=1824,i,12653778705746408830,16272959441275438957,262144 --enable-features=mojoipcz --disable-features=mspdfooui,mssmartscreenprotection,mswebooui /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.networkservice --lang=en-gb --service-sandbox-type=none --noerrdialogs --user-data-dir="c:\users\user\appdata\local\com.yida.chatgpt.next.web\ebwebview" --webview-exe-name=securiteinfo.com.trojan.generickd.74442994.24259.8937.exe --webview-exe-version=2.15.6 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2172 --field-trial-handle=1824,i,12653778705746408830,16272959441275438957,262144 --enable-features=mojoipcz --disable-features=mspdfooui,mssmartscreenprotection,mswebooui /prefetch:3
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.storageservice --lang=en-gb --service-sandbox-type=service --noerrdialogs --user-data-dir="c:\users\user\appdata\local\com.yida.chatgpt.next.web\ebwebview" --webview-exe-name=securiteinfo.com.trojan.generickd.74442994.24259.8937.exe --webview-exe-version=2.15.6 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2940 --field-trial-handle=1824,i,12653778705746408830,16272959441275438957,262144 --enable-features=mojoipcz --disable-features=mspdfooui,mssmartscreenprotection,mswebooui /prefetch:8
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="c:\users\user\appdata\local\com.yida.chatgpt.next.web\ebwebview" --webview-exe-name=securiteinfo.com.trojan.generickd.74442994.24259.8937.exe --webview-exe-version=2.15.6 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --disable-nacl --first-renderer-process --lang=en-gb --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_ch" --time-ticks-at-unix-epoch=-1730545340699955 --launch-time-ticks=7363961088 --mojo-platform-channel-handle=3484 --field-trial-handle=1824,i,12653778705746408830,16272959441275438957,262144 --enable-features=mojoipcz --disable-features=mspdfooui,mssmartscreenprotection,mswebooui /prefetch:1
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --noerrdialogs --user-data-dir="c:\users\user\appdata\local\com.yida.chatgpt.next.web\ebwebview" --webview-exe-name=securiteinfo.com.trojan.generickd.74442994.24259.8937.exe --webview-exe-version=2.15.6 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=waaaaaaaaadoaaamaaaaaaaaaaaaaaaaaabgaaaaaaa4aaaaaaaaaaaaaabeaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaagaaaaaaaaaayaaaaaaaaaagaaaaaaaaacaaaaaaaaaaiaaaaaaaaaa== --mojo-platform-channel-handle=744 --field-trial-handle=1824,i,12653778705746408830,16272959441275438957,262144 --enable-features=mojoipcz --disable-features=mspdfooui,mssmartscreenprotection,mswebooui /prefetch:2
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=c:\users\user\appdata\local\com.yida.chatgpt.next.web\ebwebview /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=c:\users\user\appdata\local\com.yida.chatgpt.next.web\ebwebview\crashpad --annotation=isofficialbuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=win64 "--annotation=prod=edge webview2" --annotation=ver=117.0.2045.47 --initial-client-data=0x15c,0x160,0x164,0x138,0x16c,0x7ffd93e68e88,0x7ffd93e68e98,0x7ffd93e68ea8Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="c:\users\user\appdata\local\com.yida.chatgpt.next.web\ebwebview" --webview-exe-name=securiteinfo.com.trojan.generickd.74442994.24259.8937.exe --webview-exe-version=2.15.6 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=waaaaaaaaadgaaamaaaaaaaaaaaaaaaaaabgaaaaaaa4aaaaaaaaaaaaaaaeaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaagaaaaaaaaaayaaaaaaaaaagaaaaaaaaacaaaaaaaaaaiaaaaaaaaaa== --mojo-platform-channel-handle=1816 --field-trial-handle=1824,i,12653778705746408830,16272959441275438957,262144 --enable-features=mojoipcz --disable-features=mspdfooui,mssmartscreenprotection,mswebooui /prefetch:2Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.networkservice --lang=en-gb --service-sandbox-type=none --noerrdialogs --user-data-dir="c:\users\user\appdata\local\com.yida.chatgpt.next.web\ebwebview" --webview-exe-name=securiteinfo.com.trojan.generickd.74442994.24259.8937.exe --webview-exe-version=2.15.6 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2172 --field-trial-handle=1824,i,12653778705746408830,16272959441275438957,262144 --enable-features=mojoipcz --disable-features=mspdfooui,mssmartscreenprotection,mswebooui /prefetch:3Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.storageservice --lang=en-gb --service-sandbox-type=service --noerrdialogs --user-data-dir="c:\users\user\appdata\local\com.yida.chatgpt.next.web\ebwebview" --webview-exe-name=securiteinfo.com.trojan.generickd.74442994.24259.8937.exe --webview-exe-version=2.15.6 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2940 --field-trial-handle=1824,i,12653778705746408830,16272959441275438957,262144 --enable-features=mojoipcz --disable-features=mspdfooui,mssmartscreenprotection,mswebooui /prefetch:8Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="c:\users\user\appdata\local\com.yida.chatgpt.next.web\ebwebview" --webview-exe-name=securiteinfo.com.trojan.generickd.74442994.24259.8937.exe --webview-exe-version=2.15.6 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --disable-nacl --first-renderer-process --lang=en-gb --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_ch" --time-ticks-at-unix-epoch=-1730545340699955 --launch-time-ticks=7363961088 --mojo-platform-channel-handle=3484 --field-trial-handle=1824,i,12653778705746408830,16272959441275438957,262144 --enable-features=mojoipcz --disable-features=mspdfooui,mssmartscreenprotection,mswebooui /prefetch:1Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeProcess created: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe "c:\program files (x86)\microsoft\edgewebview\application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --noerrdialogs --user-data-dir="c:\users\user\appdata\local\com.yida.chatgpt.next.web\ebwebview" --webview-exe-name=securiteinfo.com.trojan.generickd.74442994.24259.8937.exe --webview-exe-version=2.15.6 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=waaaaaaaaadoaaamaaaaaaaaaaaaaaaaaabgaaaaaaa4aaaaaaaaaaaaaabeaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaagaaaaaaaaaayaaaaaaaaaagaaaaaaaaacaaaaaaaaaaiaaaaaaaaaa== --mojo-platform-channel-handle=744 --field-trial-handle=1824,i,12653778705746408830,16272959441275438957,262144 --enable-features=mojoipcz --disable-features=mspdfooui,mssmartscreenprotection,mswebooui /prefetch:2Jump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeQueries volume information: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\Trust Protection Lists\manifest.json VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeQueries volume information: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\WidevineCdm\manifest.json VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeQueries volume information: C:\Windows\System32\spool\drivers\color\sRGB Color Space Profile.icm VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeQueries volume information: C:\Windows\Fonts\segoeui.ttf VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeQueries volume information: C:\Windows\Fonts\seguisb.ttf VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeQueries volume information: C:\Windows\Fonts\segoeuib.ttf VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeQueries volume information: C:\Windows\Fonts\cambria.ttc VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeQueries volume information: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\MEIPreload\preloaded_data.pb VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeQueries volume information: C:\Windows\System32\drivers\etc\hosts VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeQueries volume information: C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Network\SCT Auditing Pending Reports VolumeInformationJump to behavior
Source: C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuidJump to behavior

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid Accounts12
Command and Scripting Interpreter		1
DLL Side-Loading		11
Process Injection		1
Masquerading		11
Input Capture		1
Query Registry		Remote Services11
Input Capture		1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization Scripts1
DLL Side-Loading		1
Disable or Modify Tools		LSASS Memory1
Security Software Discovery		Remote Desktop ProtocolData from Removable Media1
Ingress Tool Transfer		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)11
Process Injection		Security Account Manager1
Process Discovery		SMB/Windows Admin SharesData from Network Shared Drive3
Non-Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook1
DLL Side-Loading		NTDS1
Remote System Discovery		Distributed Component Object ModelInput Capture14
Application Layer Protocol		Traffic DuplicationData Destruction
Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon ScriptSoftware PackingLSA Secrets1
File and Directory Discovery		SSHKeyloggingFallback ChannelsScheduled TransferData Encrypted for Impact
Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC ScriptsSteganographyCached Domain Credentials23
System Information Discovery		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Is Windows Process
  • Number of created Registry Values
  • Number of created Files
  • Visual Basic
  • Delphi
  • Java
  • .Net C# or VB.NET
  • C, C++ or other language
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe18%ReversingLabsWin64.Trojan.Generic

Dropped Files

No Antivirus matches

Unpacked PE Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
http://anglebug.com/46330%URL Reputationsafe
https://anglebug.com/73820%URL Reputationsafe
http://www.chambersign.org10%URL Reputationsafe
http://anglebug.com/69290%URL Reputationsafe
https://anglebug.com/72460%URL Reputationsafe
https://anglebug.com/73690%URL Reputationsafe
https://anglebug.com/74890%URL Reputationsafe
https://issuetracker.google.com/1619030060%URL Reputationsafe
http://anglebug.com/47220%URL Reputationsafe
http://anglebug.com/35020%URL Reputationsafe
http://anglebug.com/36230%URL Reputationsafe
http://anglebug.com/36250%URL Reputationsafe
http://anglebug.com/36240%URL Reputationsafe
http://anglebug.com/38620%URL Reputationsafe
https://docs.rs/getrandom#nodejs-es-module-support0%URL Reputationsafe
http://anglebug.com/48360%URL Reputationsafe
https://issuetracker.google.com/issues/1664752730%URL Reputationsafe
http://anglebug.com/39700%URL Reputationsafe
http://anglebug.com/59010%URL Reputationsafe
http://anglebug.com/39650%URL Reputationsafe

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
svc.ms-acdc-teams.office.com
52.123.243.92
truefalse
    		unknown
    chrome.cloudflare-dns.com
    		162.159.61.3
    		truefalse
      		unknown
      github.com
      		140.82.121.4
      		truefalse
        		unknown
        objects.githubusercontent.com
        		185.199.111.133
        		truefalse
          		unknown

          URLs from Memory and Binaries

          NameSourceMaliciousAntivirus DetectionReputation
          http://web.503188.com/?msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpfalse
            		unknown
            http://www.4399.com/flash/32979.htmmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
              		unknown
              http://hao123.di178.com/?r916msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpfalse
                		unknown
                https://www.4399.com/flash/180977_3.htmmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                  		unknown
                  https://tg.602.commsedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpfalse
                    		unknown
                    https://www.4399.com/flash/127539_4.htmmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                      		unknown
                      http://anglebug.com/4633msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpfalse
                      • URL Reputation: safe
                      		unknown
                      https://anglebug.com/7382msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpfalse
                      • URL Reputation: safe
                      		unknown
                      https://www.4399.com/flash/205462_4.htmmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                        		unknown
                        https://www.4399.com/flash/145991_4.htmmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                          		unknown
                          http://www.chambersign.org1msedgewebview2.exe, 00000003.00000002.3415603398.00002C000285C000.00000004.00000800.00020000.00000000.sdmpfalse
                          • URL Reputation: safe
                          		unknown
                          https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0msedgewebview2.exe, 00000003.00000002.3420630640.00002C00032E8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000003.2204868772.00006BF8002C8000.00000004.00000800.00020000.00000000.sdmp, data_3.7.drfalse
                            		unknown
                            https://ntp.msn.cn/edge/ntpmsedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpfalse
                              		unknown
                              https://www.4399.com/flash/39379_2.htmmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                		unknown
                                https://www.4399.com/flash/55146_4.htmmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                  		unknown
                                  https://www.4399.com/flash/195673_4.htmmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                    		unknown
                                    https://kf.07073.commsedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpfalse
                                      		unknown
                                      http://unisolated.invalid/msedgewebview2.exe, 00000003.00000002.3418425879.00002C0002E9C000.00000004.00000800.00020000.00000000.sdmpfalse
                                        		unknown
                                        https://permanently-removed.invalid/v1:GetHintsmsedgewebview2.exe, 00000003.00000002.3414940170.00002C00026D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                          		unknown
                                          https://www.4399.com/flash/18012.htmmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                            		unknown
                                            http://bd.gy912.commsedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpfalse
                                              		unknown
                                              https://www.91duba.com/?f=msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                		unknown
                                                http://anglebug.com/6929msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpfalse
                                                • URL Reputation: safe
                                                		unknown
                                                https://www.4399.com/flash/217926_2.htmmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                  		unknown
                                                  http://tauri.localhost/tauri.localhost_defaultmsedgewebview2.exe, 00000003.00000002.3420630640.00002C00032E8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3421034178.00002C0003684000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3405012234.0000020EB1460000.00000002.00000001.00040000.00000038.sdmp, QuotaManager.3.drfalse
                                                    		unknown
                                                    https://www.4399.com/flash/218860_1.htmmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                      		unknown
                                                      https://anglebug.com/7246msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159665249.0000309000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpfalse
                                                      • URL Reputation: safe
                                                      		unknown
                                                      https://www.4399.com/flash/27924_2.htmmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                        		unknown
                                                        https://anglebug.com/7369msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpfalse
                                                        • URL Reputation: safe
                                                        		unknown
                                                        https://anglebug.com/7489msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpfalse
                                                        • URL Reputation: safe
                                                        		unknown
                                                        https://github.com/rust-windowing/taoSecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000000.2132297694.00007FF64C993000.00000002.00000001.01000000.00000003.sdmpfalse
                                                          		unknown
                                                          http://anglebug.com/3498idmsedgewebview2.exe, 00000003.00000002.3415603398.00002C000285C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                            		unknown
                                                            http://i.pki.goog/r1.crt0msedgewebview2.exe, 00000003.00000003.2745985101.00002C0002440000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2746007975.00002C0003980000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417379313.00002C0002CC1000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000003.2761508694.00006BF8003B9000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000002.3405958724.00006BF80056C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000003.2761274826.00006BF80011C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                              		unknown
                                                              https://www.4399.com/flash/18012_4.htmmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                		unknown
                                                                https://www.newduba.cn/?msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                  		unknown
                                                                  https://www.4399.com/flash/48504.htmmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                    		unknown
                                                                    https://issuetracker.google.com/161903006msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3419739409.00002C0003140000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3405903194.0000309000148000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406561487.00003090001F8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3405478388.0000309000108000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                    • URL Reputation: safe
                                                                    		unknown
                                                                    https://www.office.com/OfficeeEATEmsedgewebview2.exe, 00000003.00000002.3417205706.00002C0002C9F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                      		unknown
                                                                      http://i.pki.goog/wr2.crt0msedgewebview2.exe, 00000003.00000003.2745985101.00002C0002440000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2746007975.00002C0003980000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417379313.00002C0002CC1000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000003.2761508694.00006BF8003B9000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000003.2761274826.00006BF80011C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000002.3406031773.00006BF800578000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                        		unknown
                                                                        https://lx.pub/Pmsedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                          		unknown
                                                                          https://tp.9377s.commsedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                            		unknown
                                                                            http://anglebug.com/4722msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159665249.0000309000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                            • URL Reputation: safe
                                                                            		unknown
                                                                            http://permanently-removed.invalid/msedgewebview2.exe, 00000003.00000002.3413561546.00002C00023E8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                              		unknown
                                                                              http://r.emsoso.cnmsedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                		unknown
                                                                                https://www.4399.com/flash/zmhj.htmmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                  		unknown
                                                                                  https://github.com/0x170)msedgewebview2.exe, 00000003.00000003.2230768052.00002C00037AC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2250022424.00002C00036DC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2230955381.00002C0003778000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2258132863.00002C0003710000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000009.00000003.2228212150.000004E400381000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000009.00000003.2244126132.00000A1402C50000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000009.00000003.2245096025.00000A1402A44000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                    		unknown
                                                                                    https://github.com/moniang)msedgewebview2.exe, 00000003.00000003.2230768052.00002C00037AC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2250022424.00002C00036DC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2230955381.00002C0003778000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2258132863.00002C0003710000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000009.00000003.2228212150.000004E400381000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000009.00000003.2244126132.00000A1402C50000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000009.00000003.2245096025.00000A1402A44000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                      		unknown
                                                                                      https://www.4399.com/flash/69156_1.htmmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                        		unknown
                                                                                        https://www.4399.com/flash/776_1.htmmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                          		unknown
                                                                                          http://129fy.ie.chalai.netmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                            		unknown
                                                                                            https://www.4399.com/flash/198637_4.htmmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                              		unknown
                                                                                              https://www.4399.com/flash/133630_4.htmmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                		unknown
                                                                                                https://www.4399.com/flash/1382_2.htmhttps://www.4399.com/flash/137953_4.htmmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                  		unknown
                                                                                                  http://html4/loose.dtdSecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000000.2132297694.00007FF64C993000.00000002.00000001.01000000.00000003.sdmpfalse
                                                                                                    		unknown
                                                                                                    https://www.4399.com/flash/218717_2.htmmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                      		unknown
                                                                                                      https://www.4399.com/flash/136516_3.htmmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                        		unknown
                                                                                                        http://r.emsoso.cnamsedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                          		unknown
                                                                                                          https://www.4399.com/flash/203215_3.htmmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                            		unknown
                                                                                                            https://www.4399.com/flash/207195_4.htmmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                              		unknown
                                                                                                              http://anglebug.com/3502msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                              • URL Reputation: safe
                                                                                                              		unknown
                                                                                                              http://anglebug.com/3623msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3419362814.00002C0003088000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404856855.0000309000098000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                              • URL Reputation: safe
                                                                                                              		unknown
                                                                                                              https://discovery.lenovo.com.cn/home062291msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                		unknown
                                                                                                                https://www.newduba.cn/?f=msedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                  		unknown
                                                                                                                  http://anglebug.com/3625msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3419362814.00002C0003088000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404856855.0000309000098000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                  • URL Reputation: safe
                                                                                                                  		unknown
                                                                                                                  https://designerapp-int.azurewebsites.net/msedgewebview2.exe, 00000003.00000002.3413561546.00002C00023E8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                    		unknown
                                                                                                                    http://anglebug.com/3624msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3419362814.00002C0003088000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404856855.0000309000098000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                    • URL Reputation: safe
                                                                                                                    		unknown
                                                                                                                    https://xsts.auth.xboxlive.commsedgewebview2.exe, 00000003.00000002.3402468856.0000020EAB91F000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                      		unknown
                                                                                                                      https://www.4399.com/flash/217855_4.htmmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                        		unknown
                                                                                                                        http://anglebug.com/3862msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                        • URL Reputation: safe
                                                                                                                        		unknown
                                                                                                                        https://docs.rs/getrandom#nodejs-es-module-supportSecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000000.2132297694.00007FF64C993000.00000002.00000001.01000000.00000003.sdmpfalse
                                                                                                                        • URL Reputation: safe
                                                                                                                        		unknown
                                                                                                                        https://yxtg.taojike.com.cn/tg/ttfc.html?sc=msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                          		unknown
                                                                                                                          http://anglebug.com/4836msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                          • URL Reputation: safe
                                                                                                                          		unknown
                                                                                                                          https://issuetracker.google.com/issues/166475273msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3419601238.00002C0003110000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159665249.0000309000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404201605.000030900001C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                          • URL Reputation: safe
                                                                                                                          		unknown
                                                                                                                          https://www.4399.com/flash/21674_3.htmmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                            		unknown
                                                                                                                            https://www.4399.com/flash/204650_1.htmmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                              		unknown
                                                                                                                              https://sts.windows.net/msedgewebview2.exe, 00000003.00000002.3413931781.00002C0002450000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                		unknown
                                                                                                                                https://www.4399.com/flash/115339_1.htmmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                  		unknown
                                                                                                                                  https://www.4399.com/flash/203369_3.htmmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                    		unknown
                                                                                                                                    https://www.jiegeng.commsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                      		unknown
                                                                                                                                      https://internet-start.net/?msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                        		unknown
                                                                                                                                        http://tauri.localhost/favicon.icomsedgewebview2.exe, 00000003.00000002.3420210061.00002C0003210000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3418906701.00002C0002F6C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2258224822.00002C00037EC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3420582774.00002C00032D8000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2745875763.00002C00037EC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3421167456.00002C00037F0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2230768052.00002C00037E0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000009.00000003.2230680944.00000A1400A7C000.00000004.00000800.00020000.00000000.sdmp, Favicons.3.drfalse
                                                                                                                                          		unknown
                                                                                                                                          https://www.4399.com/flash/35538.htmmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                            		unknown
                                                                                                                                            https://www.4399.com/flash/218066_3.htmmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                              		unknown
                                                                                                                                              https://www.4399.com/flash/6232_3.htmmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                		unknown
                                                                                                                                                https://www.4399.com/flash/195990_1.htmmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                  		unknown
                                                                                                                                                  https://www.4399.com/flash/12669_4.htmmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                    		unknown
                                                                                                                                                    https://www.4399.com/flash/204056_4.htmmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                      		unknown
                                                                                                                                                      http://anglebug.com/3970msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3411726465.00002C000221C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159665249.0000309000160000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                      • URL Reputation: safe
                                                                                                                                                      		unknown
                                                                                                                                                      http://c.pki.goog/r/r1.crl0msedgewebview2.exe, 00000003.00000003.2745985101.00002C0002440000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2746007975.00002C0003980000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417379313.00002C0002CC1000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000003.2761508694.00006BF8003B9000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000002.3405958724.00006BF80056C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000007.00000003.2761274826.00006BF80011C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                        		unknown
                                                                                                                                                        https://www.4399.com/flash/205090_2.htmmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                          		unknown
                                                                                                                                                          https://www.startfenster.demsedgewebview2.exe, 00000003.00000002.3415422037.00002C000280C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                            		unknown
                                                                                                                                                            http://click.dotmap.co.kr/?pf_code=https://www.nate.com/?f=nateontbmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                              		unknown
                                                                                                                                                              https://www.4399.com/flash/10379_3.htmmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                		unknown
                                                                                                                                                                https://www.4399.com/flash/203018_4.htmmsedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                  		unknown
                                                                                                                                                                  http://.jpgSecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe, 00000000.00000000.2132297694.00007FF64C993000.00000002.00000001.01000000.00000003.sdmpfalse
                                                                                                                                                                    		unknown
                                                                                                                                                                    http://tauri.localhost:80msedgewebview2.exe, 00000003.00000002.3416027583.00002C0002934000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                      		unknown
                                                                                                                                                                      https://login.chinacloudapi.cn/msedgewebview2.exe, 00000003.00000002.3413931781.00002C0002450000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                        		unknown
                                                                                                                                                                        https://www.so.com/?src=msedgewebview2.exe, 00000003.00000002.3415331555.00002C00027D8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                          		unknown
                                                                                                                                                                          http://anglebug.com/5901msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159708191.000030900017C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159688521.0000309000170000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                          • URL Reputation: safe
                                                                                                                                                                          		unknown
                                                                                                                                                                          http://anglebug.com/3965msedgewebview2.exe, 00000003.00000003.2161210593.00002C0003048000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000002.3417422920.00002C0002CCC000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000003.00000003.2161243003.00002C0003124000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159777593.000030900019C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001B0000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3406675047.000030900020C000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2169267871.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000003.2159727744.00003090001C4000.00000004.00000800.00020000.00000000.sdmp, msedgewebview2.exe, 00000006.00000002.3404311371.0000309000038000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                          • URL Reputation: safe
                                                                                                                                                                          		unknown

                                                                                                                                                                          World Map of Contacted IPs

                                                                                                                                                                          • No. of IPs < 25%
                                                                                                                                                                          • 25% < No. of IPs < 50%
                                                                                                                                                                          • 50% < No. of IPs < 75%
                                                                                                                                                                          • 75% < No. of IPs

                                                                                                                                                                          Public IPs

                                                                                                                                                                          IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                          162.159.61.3
                                                                                                                                                                          		chrome.cloudflare-dns.comUnited States
                                                                                                                                                                          		13335CLOUDFLARENETUSfalse
                                                                                                                                                                          132.145.248.22
                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                          		31898ORACLE-BMC-31898USfalse
                                                                                                                                                                          142.251.116.102
                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                          		15169GOOGLEUSfalse
                                                                                                                                                                          142.250.138.94
                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                          		15169GOOGLEUSfalse
                                                                                                                                                                          52.123.243.92
                                                                                                                                                                          		svc.ms-acdc-teams.office.comUnited States
                                                                                                                                                                          		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                                                                                                                                                                          140.82.121.4
                                                                                                                                                                          		github.comUnited States
                                                                                                                                                                          		36459GITHUBUSfalse
                                                                                                                                                                          142.251.116.95
                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                          		15169GOOGLEUSfalse
                                                                                                                                                                          185.199.111.133
                                                                                                                                                                          		objects.githubusercontent.comNetherlands
                                                                                                                                                                          		54113FASTLYUSfalse

                                                                                                                                                                          Private

                                                                                                                                                                          IP
                                                                                                                                                                          127.0.0.1

                                                                                                                                                                          General Information

                                                                                                                                                                          Joe Sandbox version:41.0.0 Charoite
                                                                                                                                                                          Analysis ID:1547435
                                                                                                                                                                          Start date and time:2024-11-02 14:04:10 +01:00
                                                                                                                                                                          Joe Sandbox product:CloudBasic
                                                                                                                                                                          Overall analysis duration:0h 7m 6s
                                                                                                                                                                          Hypervisor based Inspection enabled:false
                                                                                                                                                                          Report type:full
                                                                                                                                                                          Cookbook file name:default.jbs
                                                                                                                                                                          Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                          Number of analysed new started processes analysed:15
                                                                                                                                                                          Number of new started drivers analysed:0
                                                                                                                                                                          Number of existing processes analysed:0
                                                                                                                                                                          Number of existing drivers analysed:0
                                                                                                                                                                          Number of injected processes analysed:0
                                                                                                                                                                          Technologies:
                                                                                                                                                                          • HCA enabled
                                                                                                                                                                          • EGA enabled
                                                                                                                                                                          • AMSI enabled
                                                                                                                                                                          Analysis Mode:default
                                                                                                                                                                          Analysis stop reason:Timeout
                                                                                                                                                                          Sample name:SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe
                                                                                                                                                                          Detection:MAL
                                                                                                                                                                          Classification:mal52.mine.winEXE@14/172@10/9
                                                                                                                                                                          EGA Information:Failed
                                                                                                                                                                          HCA Information:
                                                                                                                                                                          • Successful, ratio: 100%
                                                                                                                                                                          • Number of executed functions: 0
                                                                                                                                                                          • Number of non-executed functions: 0
                                                                                                                                                                          Cookbook Comments:
                                                                                                                                                                          • Found application associated with file extension: .exe

                                                                                                                                                                          Warnings

                                                                                                                                                                          • Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, backgroundTaskHost.exe, svchost.exe
                                                                                                                                                                          • Excluded IPs from analysis (whitelisted): 142.250.185.200, 142.250.113.94, 204.79.197.239, 13.107.21.239
                                                                                                                                                                          • Excluded domains from analysis (whitelisted): edge-microsoft-com.dual-a-0036.a-msedge.net, client.wns.windows.com, fs.microsoft.com, config.edge.skype.com.trafficmanager.net, otelrules.azureedge.net, slscr.update.microsoft.com, ctldl.windowsupdate.com, edge.microsoft.com, fe3cr.delivery.mp.microsoft.com, ocsp.digicert.com, l-0007.config.skype.com, www.googletagmanager.com, msedge.b.tlu.dl.delivery.mp.microsoft.com, www.gstatic.com, config.edge.skype.com, dual-a-0036.a-msedge.net, mira.config.skype.com
                                                                                                                                                                          • Report size getting too big, too many NtDeviceIoControlFile calls found.
                                                                                                                                                                          • Report size getting too big, too many NtEnumerateValueKey calls found.
                                                                                                                                                                          • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                          • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                                                                          • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                          • Report size getting too big, too many NtReadVirtualMemory calls found.
                                                                                                                                                                          • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                                                                                                          • VT rate limit hit for: SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe

                                                                                                                                                                          Simulations

                                                                                                                                                                          Behavior and APIs

                                                                                                                                                                          No simulations

                                                                                                                                                                          Joe Sandbox View / Context

                                                                                                                                                                          IPs

                                                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                          162.159.61.3file.exeGet hashmaliciousPureCrypter, LummaC, Amadey, Credential Flusher, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                            file.exeGet hashmaliciousAmadey, Stealc, VidarBrowse
                                                                                                                                                                              file.exeGet hashmaliciousLummaC, Amadey, Credential Flusher, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                czxw4iVMHJ.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                  file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                    file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                      file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                        https://u7990385.ct.sendgrid.net/ls/click?upn=u001.oZ6GXC16Ztdw1ob-2F3C5yow-2FsK2YC4S8s269h9OLgp-2FGcQesCtXDXKgCEAF90Sa3OUL2ncGoAKstQjRhddelr-2Bx3frrehyL8aaBbhAx-2Fm3uQTToUZwzw9vU-2BHl4N8-2FbXNOWh47xHSpNswH5B20hFc1rkwm1HkocouB6puE-2FnM91Ea9xIyldie1eyHQvDQGF6-2F1OUGSCOg8K-2Fk8REDXGncryLNWAkNll9tI4svh29XngoJuJcvPHIwWw07juA1Lr687mlf_LZJN6rqeZVHTY7vi7TysfnSOWUsKUPL2t2FWuf1mHJZyRrnfnXk5in-2FtsLaVkEL4z-2F5H1v5rdZCMtKV4-2B7XswPaXSOX44YEil-2BgQ6f1-2BLxpcwnoVslshbeFD8-2FSkDYUL5gsTS7cnhi8iHs4T9b6wzPIbVlUAEwQAwoGeUFJH5x3RAGtspzpDyRWDwHNrMMOluLHeocJQAj7iS1dnS-2B-2Fhpf21Fjpr9lUosnkGJYIkfG0KNsjglBmf2yQvwZsg0Wp706kciqJgB5pqtemV1qFgZLIL2K-2BsyRLGqv3bbeqv6LWX-2Fbn97e4q8h4LdJzfXKTxRJD2tMgj2k7Ls1BdPjLturPdeJvpG2db-2FhwENpXetZR7k21gPz6in5zk7zhcmgIkZssf1WUkdDcjfwIeY2HuQe6EHwacpAnjlFSG7cGBDYbRKnbjWz72QvhesvDQrxGZA-2F-2FwuD5CryGFeRAazVMLU-2FTUgYuXTJzCzL6qav9lYxCC-2Bwx97sSjci4FffUtDhPcIZfKCP-2Ff9rufbc-2FOdTD6VLIHU5lNW4k8Nb-2FWedSu8kS9RXhRxjWAbV4qYK-2F68HLgFHbzOrm6M-2FG6a-2BnVs9TkK9ei8xVDo6cAhkQYCxDYOCBJJC-2BfLWulZgQ85hdg59312Kv6zX2g11nE5GRn-2B6U-2B2tuv67vEmY8CUatMt7UrQHEhVlrPnXi1EamUHW4AGpMQfKBj0GXRdJxG0fD3Zx-2FiIXcDEoi3GhoWLQTKZU-2FWlBKJiyqDLjDXS6qRg1X-2Fsd3R5k7fswdpYLTizSHt12T6-2Bo0IoKg0cyJsPKBfoK9Uleu7f9wgtdH4RtvaMbk9-2Buqhl6zW9NHZET-2BbGJHqyqlBeTSBtTZM6ltHEDZrojb0Lhszq-2BKoSCsuyjzgKAFmmWSRMGxwsXoHHuV8LoFEZjuiOSkTWEP-2FvQ0ZaWfqnp81VXTEktfVY9Xmx-2FaHq5NRH3vqpZc6LNkkSHnpJBPIYA83Mw-3D-3DGet hashmaliciousUnknownBrowse
                                                                                                                                                                                          https://u7990385.ct.sendgrid.net/ls/click?upn=u001.oZ6GXC16Ztdw1ob-2F3C5yow-2FsK2YC4S8s269h9OLgp-2FGcQesCtXDXKgCEAF90Sa3OUL2ncGoAKstQjRhddelr-2Bx3frrehyL8aaBbhAx-2Fm3uQTToUZwzw9vU-2BHl4N8-2FbXNrXNM8F2aafYGXvb9twEoQeHC7ZwjccAi1SjLazzmL714x6k-2BjB-2FYwt496nNWzarkpA5xghtVvgqYssmknAftbQJOVkiDX5sql0puMOlG6Ca2eid008YPu-2FJJAayp-2BNXls84A_lhEpvcamcm95WhC017PRgRonrgi5omZ3brQwNa5yLk0xxDl3uLY9zV0ZhBwsp9AfIBgWj8srFe156S5Zns8ZjIc0B22GBm-2FhZ3msRvLKzUyGIuCFlA1E-2FK-2F4jc3IgU8qM5k5KxMmIwIRDSCQDvTZvmwB5zeTeqWWEJR7CvWSpeaqIj3hj5IgcRcoPBdptLYrUK3YLUsGuU0Nn50M3ArOROvseGYqZul0QkeqtDR41-2FsPFt-2Bw0YWW2P5gsCDH4XINxncIhICPIqlacC1ih-2B-2BRAhsouCrf5nolEyzWx0VnR2OrLuGwvR4-2BmBTgXGq5SQJ3CbNvM-2FaB5BLerpFqmqjPC-2FBlK6th1iVrhfmtBEFKLash-2FnkPpQ9qFxGwWTexJMh100AS4PilK2-2BJDfvjssuxk2jP-2BTagNOazV2F1Jk9Mugr3y7E9SivEGWyUbzdMThmnpVydb1qOFwMiocztErv1WWaB8B20Oa2SLt-2BLBsMdusfLwd3NNzPre6el-2F-2BIwBxDAqBb9JLV6vOLzfaD2L4-2BEuPbgzcrscVtaCNyARGoPUKi03imhTbJEcig8L4weEiABND5vwKtA-2FhKo5AjxecXMO22Vq7Og2y7v-2BJNgFB9rr-2Bm4W45XZxFP39Dqi18SUPOKX4pHFrdACciPinuj2QtBtIGNjV46-2Bve9hu0g1-2FpG1tOVv9Ebn32k-2Bl6CF6b6jzS3aTQvZkWKNIwLx5CoGs9uomn9yZPi6QaiSTeQkZ1uHupSYpVxbBCb-2FUyo6kMlbB0P27ShEzUFVY-2FpfPcfFofTKD4p7rklaM-2FIuG8-2F3ytR7SJ7I8GmSP8NTWs4vu3NTpV5MkgHfjeFoK-2BDQh6M7S2ys2qIf8m3qiLtFMHY6p7m4ep8JZqbC0axloFSX-2Fzbz51ZW-2BsyQEEbRqwx0S1i4lo9NhRXrfXOvn0A83bBDk31g9QfoWTGhHCjSEfuca9KJwe0GCABYAuqYeYHMc5qXhPv86r0l0ldRpwe39V9LJ5m6Go-3DGet hashmaliciousUnknownBrowse
                                                                                                                                                                                            https://pcapp.store/pixel.gifGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              140.82.121.4RfORrHIRNe.docGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • github.com/ssbb36/stv/raw/main/5.mp3
                                                                                                                                                                                              185.199.111.133cr_asm2.ps1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                              • raw.githubusercontent.com/Neth3N/na9ow3495raygwi4gyrhuawerawera/main/gaber.txt
                                                                                                                                                                                              cr_asm_crypter.ps1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                              • raw.githubusercontent.com/Neth3N/na9ow3495raygwi4gyrhuawerawera/main/gaber.txt
                                                                                                                                                                                              cr_asm_hiddenz.ps1Get hashmaliciousAsyncRAT, XWormBrowse
                                                                                                                                                                                              • raw.githubusercontent.com/Neth3N/na9ow3495raygwi4gyrhuawerawera/main/gaber.txt
                                                                                                                                                                                              BeginSync lnk.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • raw.githubusercontent.com/Neth3N/na9ow3495raygwi4gyrhuawerawera/main/gaber.txt

                                                                                                                                                                                              Domains

                                                                                                                                                                                              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                              svc.ms-acdc-teams.office.comfile.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                              • 52.123.243.94
                                                                                                                                                                                              Seeking Assistance for Legal Assistance in a Medical Matter.msgGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 52.123.243.81
                                                                                                                                                                                              https://1drv.ms/b/c/7bab8803aa446446/EVRHiu8efYZAkD-YFD5xQmIBzT5hMnGkyiNpwrnOj-mH_gGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                              • 52.123.224.72
                                                                                                                                                                                              file.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 52.123.243.83
                                                                                                                                                                                              Inspection Notice.msgGet hashmaliciousHTMLPhisherBrowse
                                                                                                                                                                                              • 52.123.243.74
                                                                                                                                                                                              file.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 52.123.243.199
                                                                                                                                                                                              Order_ 039924.docx.docGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 52.123.243.78
                                                                                                                                                                                              z42ordemdecomprapdf.exeGet hashmaliciousFormBookBrowse
                                                                                                                                                                                              • 52.123.243.200
                                                                                                                                                                                              Firstontario Caller VM_00_94 Seconds REF#e764f827cc206df3733c6c719eb86bc36b5f54d1 7_9_2024Get hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 52.123.243.81
                                                                                                                                                                                              11fa2b48-c25d-d2a8-7e3d-327f8f3a8ace.emlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 52.123.243.199
                                                                                                                                                                                              chrome.cloudflare-dns.comfile.exeGet hashmaliciousPureCrypter, LummaC, Amadey, Credential Flusher, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                              • 172.64.41.3
                                                                                                                                                                                              file.exeGet hashmaliciousAmadey, Stealc, VidarBrowse
                                                                                                                                                                                              • 172.64.41.3
                                                                                                                                                                                              file.exeGet hashmaliciousLummaC, Amadey, Credential Flusher, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                              • 172.64.41.3
                                                                                                                                                                                              czxw4iVMHJ.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                              • 172.64.41.3
                                                                                                                                                                                              JHPvqMzKbz.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                              • 172.64.41.3
                                                                                                                                                                                              file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                              • 172.64.41.3
                                                                                                                                                                                              file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                              • 172.64.41.3
                                                                                                                                                                                              file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                              • 172.64.41.3
                                                                                                                                                                                              https://u7990385.ct.sendgrid.net/ls/click?upn=u001.oZ6GXC16Ztdw1ob-2F3C5yow-2FsK2YC4S8s269h9OLgp-2FGcQesCtXDXKgCEAF90Sa3OUL2ncGoAKstQjRhddelr-2Bx3frrehyL8aaBbhAx-2Fm3uQTToUZwzw9vU-2BHl4N8-2FbXNOWh47xHSpNswH5B20hFc1rkwm1HkocouB6puE-2FnM91Ea9xIyldie1eyHQvDQGF6-2F1OUGSCOg8K-2Fk8REDXGncryLNWAkNll9tI4svh29XngoJuJcvPHIwWw07juA1Lr687mlf_LZJN6rqeZVHTY7vi7TysfnSOWUsKUPL2t2FWuf1mHJZyRrnfnXk5in-2FtsLaVkEL4z-2F5H1v5rdZCMtKV4-2B7XswPaXSOX44YEil-2BgQ6f1-2BLxpcwnoVslshbeFD8-2FSkDYUL5gsTS7cnhi8iHs4T9b6wzPIbVlUAEwQAwoGeUFJH5x3RAGtspzpDyRWDwHNrMMOluLHeocJQAj7iS1dnS-2B-2Fhpf21Fjpr9lUosnkGJYIkfG0KNsjglBmf2yQvwZsg0Wp706kciqJgB5pqtemV1qFgZLIL2K-2BsyRLGqv3bbeqv6LWX-2Fbn97e4q8h4LdJzfXKTxRJD2tMgj2k7Ls1BdPjLturPdeJvpG2db-2FhwENpXetZR7k21gPz6in5zk7zhcmgIkZssf1WUkdDcjfwIeY2HuQe6EHwacpAnjlFSG7cGBDYbRKnbjWz72QvhesvDQrxGZA-2F-2FwuD5CryGFeRAazVMLU-2FTUgYuXTJzCzL6qav9lYxCC-2Bwx97sSjci4FffUtDhPcIZfKCP-2Ff9rufbc-2FOdTD6VLIHU5lNW4k8Nb-2FWedSu8kS9RXhRxjWAbV4qYK-2F68HLgFHbzOrm6M-2FG6a-2BnVs9TkK9ei8xVDo6cAhkQYCxDYOCBJJC-2BfLWulZgQ85hdg59312Kv6zX2g11nE5GRn-2B6U-2B2tuv67vEmY8CUatMt7UrQHEhVlrPnXi1EamUHW4AGpMQfKBj0GXRdJxG0fD3Zx-2FiIXcDEoi3GhoWLQTKZU-2FWlBKJiyqDLjDXS6qRg1X-2Fsd3R5k7fswdpYLTizSHt12T6-2Bo0IoKg0cyJsPKBfoK9Uleu7f9wgtdH4RtvaMbk9-2Buqhl6zW9NHZET-2BbGJHqyqlBeTSBtTZM6ltHEDZrojb0Lhszq-2BKoSCsuyjzgKAFmmWSRMGxwsXoHHuV8LoFEZjuiOSkTWEP-2FvQ0ZaWfqnp81VXTEktfVY9Xmx-2FaHq5NRH3vqpZc6LNkkSHnpJBPIYA83Mw-3D-3DGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 162.159.61.3
                                                                                                                                                                                              file.exeGet hashmaliciousStealc, VidarBrowse
                                                                                                                                                                                              • 162.159.61.3
                                                                                                                                                                                              github.comSecuriteInfo.com.Trojan.DownLoad4.16905.7671.26379.exeGet hashmaliciousAsyncRAT, DcRatBrowse
                                                                                                                                                                                              • 140.82.114.4
                                                                                                                                                                                              SecuriteInfo.com.Trojan.DownLoad4.16907.22610.407.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 140.82.121.4
                                                                                                                                                                                              SecuriteInfo.com.Trojan.DownLoad4.16905.7671.26379.exeGet hashmaliciousAsyncRAT, DcRatBrowse
                                                                                                                                                                                              • 140.82.121.3
                                                                                                                                                                                              SecuriteInfo.com.Trojan.DownLoad4.16907.22610.407.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 140.82.121.4
                                                                                                                                                                                              Pt7TlAjQtn.exeGet hashmaliciousAveMaria, WhiteSnake StealerBrowse
                                                                                                                                                                                              • 140.82.121.4
                                                                                                                                                                                              file.exeGet hashmaliciousWhiteSnake StealerBrowse
                                                                                                                                                                                              • 140.82.121.4
                                                                                                                                                                                              file.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 140.82.121.4
                                                                                                                                                                                              file.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 140.82.121.3
                                                                                                                                                                                              file.exeGet hashmaliciousLummaC, Amadey, Credential Flusher, LummaC Stealer, StealcBrowse
                                                                                                                                                                                              • 140.82.121.4
                                                                                                                                                                                              file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                              • 140.82.121.3
                                                                                                                                                                                              objects.githubusercontent.comPt7TlAjQtn.exeGet hashmaliciousAveMaria, WhiteSnake StealerBrowse
                                                                                                                                                                                              • 185.199.109.133
                                                                                                                                                                                              file.exeGet hashmaliciousWhiteSnake StealerBrowse
                                                                                                                                                                                              • 185.199.110.133
                                                                                                                                                                                              file.exeGet hashmaliciousLummaC, Amadey, AsyncRAT, LummaC Stealer, Stealc, XWormBrowse
                                                                                                                                                                                              • 185.199.110.133
                                                                                                                                                                                              SecuriteInfo.com.Win64.Trojan.Agent.2S9FJA.25494.32016.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 185.199.110.133
                                                                                                                                                                                              SecuriteInfo.com.Win64.Trojan.Agent.2S9FJA.25494.32016.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 185.199.109.133
                                                                                                                                                                                              General Agreement.docx.exeGet hashmaliciousPython Stealer, Babadeda, Exela Stealer, Waltuhium GrabberBrowse
                                                                                                                                                                                              • 185.199.111.133
                                                                                                                                                                                              SecuriteInfo.com.PossibleThreat.DU.6301.11346.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 185.199.109.133
                                                                                                                                                                                              steamcodegenerator.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 185.199.109.133
                                                                                                                                                                                              steamcodegenerator.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 185.199.111.133
                                                                                                                                                                                              SecuriteInfo.com.Win32.MalwareX-gen.17953.1345.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 185.199.108.133

                                                                                                                                                                                              ASNs

                                                                                                                                                                                              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                              CLOUDFLARENETUSReservation Detail Booking.com ID4336.vbsGet hashmaliciousAsyncRAT, PureLog Stealer, zgRATBrowse
                                                                                                                                                                                              • 104.18.86.42
                                                                                                                                                                                              file.exeGet hashmaliciousPureCrypter, LummaC, Amadey, Credential Flusher, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                              • 172.64.41.3
                                                                                                                                                                                              file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                              • 188.114.96.3
                                                                                                                                                                                              file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                              • 188.114.97.3
                                                                                                                                                                                              file.exeGet hashmaliciousLummaC, Amadey, Credential Flusher, LummaC Stealer, StealcBrowse
                                                                                                                                                                                              • 188.114.97.3
                                                                                                                                                                                              file.exeGet hashmaliciousLummaC, Amadey, Credential Flusher, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                              • 188.114.96.3
                                                                                                                                                                                              file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                              • 188.114.97.3
                                                                                                                                                                                              file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                              • 188.114.97.3
                                                                                                                                                                                              New Order list attached.exeGet hashmaliciousDBatLoader, FormBookBrowse
                                                                                                                                                                                              • 172.67.186.250
                                                                                                                                                                                              1730537044dd01929d6467da9e0bc05cd98b8bc5df2688589dd2eaebbc46df2ed3bf068fc2733.dat-decoded.exeGet hashmaliciousAsyncRAT, XWormBrowse
                                                                                                                                                                                              • 104.20.3.235
                                                                                                                                                                                              MICROSOFT-CORP-MSN-AS-BLOCKUSfile.exeGet hashmaliciousPureCrypter, LummaC, Amadey, Credential Flusher, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                              • 13.107.253.45
                                                                                                                                                                                              mcron-vip-1.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 20.56.16.3
                                                                                                                                                                                              file.exeGet hashmaliciousLummaC, Amadey, Cryptbot, LummaC Stealer, Socks5Systemz, Stealc, VidarBrowse
                                                                                                                                                                                              • 52.168.117.173
                                                                                                                                                                                              spc.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                              • 21.244.4.50
                                                                                                                                                                                              m68k.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 20.127.23.199
                                                                                                                                                                                              mpsl.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                              • 52.245.21.241
                                                                                                                                                                                              arm6.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 21.9.102.78
                                                                                                                                                                                              ppc.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                              • 52.121.72.154
                                                                                                                                                                                              sh4.elfGet hashmaliciousMiraiBrowse
                                                                                                                                                                                              • 21.244.4.80
                                                                                                                                                                                              x86_32.elfGet hashmaliciousGafgytBrowse
                                                                                                                                                                                              • 13.64.92.64
                                                                                                                                                                                              ORACLE-BMC-31898USfile.exeGet hashmaliciousSnake Keylogger, VIP KeyloggerBrowse
                                                                                                                                                                                              • 193.122.130.0
                                                                                                                                                                                              Ziraat Bankasi Swift Mesaji.pdf.exeGet hashmaliciousMassLogger RATBrowse
                                                                                                                                                                                              • 193.122.130.0
                                                                                                                                                                                              SWIFT COPY 2.docGet hashmaliciousSnake Keylogger, VIP KeyloggerBrowse
                                                                                                                                                                                              • 158.101.44.242
                                                                                                                                                                                              rQUOTATION_NOVQTRA071244__PDF.scr.exeGet hashmaliciousSnake KeyloggerBrowse
                                                                                                                                                                                              • 158.101.44.242
                                                                                                                                                                                              Payment info.exeGet hashmaliciousMassLogger RAT, PureLog StealerBrowse
                                                                                                                                                                                              • 158.101.44.242
                                                                                                                                                                                              z79PROFORMAINVOICE.exeGet hashmaliciousMassLogger RAT, PureLog StealerBrowse
                                                                                                                                                                                              • 193.122.6.168
                                                                                                                                                                                              Gu#U00eda de carga de DHL_pdf.exeGet hashmaliciousSnake KeyloggerBrowse
                                                                                                                                                                                              • 158.101.44.242
                                                                                                                                                                                              Alvise Maria CV 1.exeGet hashmaliciousPureLog Stealer, Snake KeyloggerBrowse
                                                                                                                                                                                              • 158.101.44.242
                                                                                                                                                                                              2Lzx7LMDWV.exeGet hashmaliciousSnake Keylogger, VIP KeyloggerBrowse
                                                                                                                                                                                              • 193.122.6.168
                                                                                                                                                                                              Quotation Document.exeGet hashmaliciousMassLogger RAT, PureLog StealerBrowse
                                                                                                                                                                                              • 193.122.6.168
                                                                                                                                                                                              GITHUBUSSecuriteInfo.com.Trojan.DownLoad4.16905.7671.26379.exeGet hashmaliciousAsyncRAT, DcRatBrowse
                                                                                                                                                                                              • 140.82.114.4
                                                                                                                                                                                              SecuriteInfo.com.Trojan.DownLoad4.16907.22610.407.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 140.82.121.4
                                                                                                                                                                                              SecuriteInfo.com.Trojan.DownLoad4.16905.7671.26379.exeGet hashmaliciousAsyncRAT, DcRatBrowse
                                                                                                                                                                                              • 140.82.121.3
                                                                                                                                                                                              SecuriteInfo.com.Trojan.DownLoad4.16907.22610.407.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 140.82.121.4
                                                                                                                                                                                              Pt7TlAjQtn.exeGet hashmaliciousAveMaria, WhiteSnake StealerBrowse
                                                                                                                                                                                              • 140.82.121.4
                                                                                                                                                                                              file.exeGet hashmaliciousWhiteSnake StealerBrowse
                                                                                                                                                                                              • 140.82.121.4
                                                                                                                                                                                              file.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 140.82.121.4
                                                                                                                                                                                              file.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 140.82.121.3
                                                                                                                                                                                              file.exeGet hashmaliciousLummaC, Amadey, Credential Flusher, LummaC Stealer, StealcBrowse
                                                                                                                                                                                              • 140.82.121.4
                                                                                                                                                                                              file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                              • 140.82.121.3

                                                                                                                                                                                              JA3 Fingerprints

                                                                                                                                                                                              MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                              3b5074b1b5d032e5620f69f9f700ff0eReservation Detail Booking.com ID4336.vbsGet hashmaliciousAsyncRAT, PureLog Stealer, zgRATBrowse
                                                                                                                                                                                              • 185.199.111.133
                                                                                                                                                                                              • 140.82.121.4
                                                                                                                                                                                              image.ps1Get hashmaliciousAsyncRAT, PureLog Stealer, zgRATBrowse
                                                                                                                                                                                              • 185.199.111.133
                                                                                                                                                                                              • 140.82.121.4
                                                                                                                                                                                              4mdl6SULX9.jsGet hashmaliciousAsyncRAT, PureLog Stealer, zgRATBrowse
                                                                                                                                                                                              • 185.199.111.133
                                                                                                                                                                                              • 140.82.121.4
                                                                                                                                                                                              1730537044dd01929d6467da9e0bc05cd98b8bc5df2688589dd2eaebbc46df2ed3bf068fc2733.dat-decoded.exeGet hashmaliciousAsyncRAT, XWormBrowse
                                                                                                                                                                                              • 185.199.111.133
                                                                                                                                                                                              • 140.82.121.4
                                                                                                                                                                                              bcb.vbsGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 185.199.111.133
                                                                                                                                                                                              • 140.82.121.4
                                                                                                                                                                                              cac.jsGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 185.199.111.133
                                                                                                                                                                                              • 140.82.121.4
                                                                                                                                                                                              caprus.vbsGet hashmaliciousUnknownBrowse
                                                                                                                                                                                              • 185.199.111.133
                                                                                                                                                                                              • 140.82.121.4
                                                                                                                                                                                              file.exeGet hashmaliciousAmadey, Stealc, VidarBrowse
                                                                                                                                                                                              • 185.199.111.133
                                                                                                                                                                                              • 140.82.121.4
                                                                                                                                                                                              TROODOS AIR PARTICULARS.pdf.exeGet hashmaliciousAgentTesla, PureLog StealerBrowse
                                                                                                                                                                                              • 185.199.111.133
                                                                                                                                                                                              • 140.82.121.4
                                                                                                                                                                                              SecuriteInfo.com.Win32.Evo-gen.2279.7595.exeGet hashmaliciousPureLog Stealer, zgRATBrowse
                                                                                                                                                                                              • 185.199.111.133
                                                                                                                                                                                              • 140.82.121.4

                                                                                                                                                                                              Dropped Files

                                                                                                                                                                                              No context

                                                                                                                                                                                              Created / dropped Files

                                                                                                                                                                                              C:\Users\user\AppData\Local\D3DSCache\ab326b5a64fa2db7\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):65552
                                                                                                                                                                                              Entropy (8bit):0.01267959957008888
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:JklGlll/l/lXp9ZjrPBY0Ll4lt/Qf1DP:q0dPBY0y4dz
                                                                                                                                                                                              MD5:F82406D91DAD32A842033CE56EA73522
                                                                                                                                                                                              SHA1:4864C2D6780FF0F8211C4A561EE90F76AE2840E0
                                                                                                                                                                                              SHA-256:CF1AE0AB6FEB70464C9305F3355383B901CCBF0810F335ED5EA2FEB822C46638
                                                                                                                                                                                              SHA-512:F340D5B65B840BF7C9699AEF837F2107F8204E2ADE706175C415576B049C00FFD97328B59C7F4EC3A51B27724A0C4AB1C0E3075B53A3C78B51B224947B13FEC3
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Reputation:moderate, very likely benign file
                                                                                                                                                                                              Preview:".7a........................................f...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\D3DSCache\ab326b5a64fa2db7\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4
                                                                                                                                                                                              Entropy (8bit):1.5
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:R:R
                                                                                                                                                                                              MD5:F49655F856ACB8884CC0ACE29216F511
                                                                                                                                                                                              SHA1:CB0F1F87EC0455EC349AAA950C600475AC7B7B6B
                                                                                                                                                                                              SHA-256:7852FCE59C67DDF1D6B8B997EAA1ADFAC004A9F3A91C37295DE9223674011FBA
                                                                                                                                                                                              SHA-512:599E93D25B174524495ED29653052B3590133096404873318F05FD68F4C9A5C9A3B30574551141FBB73D7329D6BE342699A17F3AE84554BAB784776DFDA2D5F8
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Reputation:moderate, very likely benign file
                                                                                                                                                                                              Preview:EERF

                                                                                                                                                                                              C:\Users\user\AppData\Local\D3DSCache\ab326b5a64fa2db7\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:Matlab v4 mat-file (little endian) (, numeric, rows 0, columns 16, imaginary
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):65536
                                                                                                                                                                                              Entropy (8bit):0.03435668575671323
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:G9q0SbdlrYoWcV0Ndlg1IGiFTS2tGAYkAtD2Hrn:bpbdpYrNg1IlFoAzc2L
                                                                                                                                                                                              MD5:16D388D094ECDC534C83C4403965A9F4
                                                                                                                                                                                              SHA1:F18AC7E0A3D71E92B794DCE0A3832A119A45A4B7
                                                                                                                                                                                              SHA-256:A982B3BE404EBC13123D18E30EF704FA7860379DFD77FE6C0427A43931D6FBC6
                                                                                                                                                                                              SHA-512:D4502577A673595A8F3E63BA0F083090ECEF5AFF0EDC09FF5E84C8855ADE46955A1C62C216A7D3D790D7B1E21815365332ACCAB5CE8304A309A7D9534EB53333
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:....................(....x:no.&A.e.u~+..C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.i.c.r.o.s.o.f.t.\.E.d.g.e.W.e.b.V.i.e.w.\.A.p.p.l.i.c.a.t.i.o.n.\.1.1.7...0...2.0.4.5...4.7.\.m.s.e.d.g.e.w.e.b.v.i.e.w.2...e.x.e...........................(...p.DJ!.IL.....Zm.F............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2278
                                                                                                                                                                                              Entropy (8bit):3.8434541482857187
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:uiTrlKxrgxexl9Il8ulJNJ9O1wzV717ahd1rc:mvYDJNJ01wzp17aC
                                                                                                                                                                                              MD5:81E6CDBDF2FAD0B3AB394254CAB3CDE0
                                                                                                                                                                                              SHA1:7E82AAA9CA67D4E6A085ED05808F3FD5791D4455
                                                                                                                                                                                              SHA-256:FFD492DB3232F2102F7759C8108110005F8BF5057FB70A5D1AA6209A921770D2
                                                                                                                                                                                              SHA-512:B86CD7BC4E9069C775CE5B76D2C2CC5BCED3F0ACDC30E0D12DAEB238BA2B564075D9A0CBA4B9BF69A9CC372689F239D8CFC229E59E0832686F252E77E0E9D7DB
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".W.i.p.w.W.M.+.N.H.l.b.C.D.m.s.Z.p.8.S.O.s.j.h.t.F.B.s.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".g.P.I.+.P.D.A.t.2.w.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.A.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.n.X.v.R.o.6.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e8ddd4cbd9c0504aace6ef7a13fa20d04fd52408.tbres

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2684
                                                                                                                                                                                              Entropy (8bit):3.9019064079620165
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:uiTrlKx68Wa7x3Mrxl9Il8uoo0DQNQWQ7C24gJd+Ic0lUEZcyUEzzLPd/vc:a+vYK4yh74gJLc0lUIcyUY/K
                                                                                                                                                                                              MD5:1E82757358175525E028A3AB85CC1D88
                                                                                                                                                                                              SHA1:28E85AF371C1F6A25D4EE7C65C63530B8E42CEC2
                                                                                                                                                                                              SHA-256:20EF3DFFDDD1BD4770D3C9E0EC4F0E6554642522AC0F6DDC2A610C9B26C8B7FE
                                                                                                                                                                                              SHA-512:46FBC994B5C06CE3E809683CB9249157D0D075957308866E9B8EBDB48EC3D75D30747E25E815E5843A5E805B3325CC67FA8698706B593B7A2333250EA1EB5295
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".6.N.3.U.y.9.n.A.U.E.q.s.5.u.9.6.E./.o.g.0.E./.V.J.A.g.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".5.M.U.t.U./.l.L.3.A.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.A.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.n.X.v.R.o.6.

                                                                                                                                                                                              C:\Users\user\AppData\Local\Temp\cc97a341-d666-4153-89ab-0faec6beaa65.tmp

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 13262860
                                                                                                                                                                                              Category:modified
                                                                                                                                                                                              Size (bytes):2552007
                                                                                                                                                                                              Entropy (8bit):7.9791292304676755
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:49152:6EBvFnjIYT5tbPUH1JmK8a0f999qGnUH894iykGPtSbfeKPBOE3UhFD:VBtnzVtbPUzH0ftJ5WHtS7rPBnkhl
                                                                                                                                                                                              MD5:D5314EED4E914D8E1D8E3D12A6CF3E37
                                                                                                                                                                                              SHA1:CC184533AC34B3CB89B7A00A41C39E5E788AD39D
                                                                                                                                                                                              SHA-256:F2F18C91A34D415E94E3EA6CC607043FF6115B7A3FDCCF3519480224F18B125D
                                                                                                                                                                                              SHA-512:BBC00181C1C114D147B42764C5973041E1E7FC1F50DF21809C21FD2312DC5254EC24B4D4076488904043DD3479E71D2D3281B2B401FF75A355246FEF0469D16A
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:...........].s...+.lM.....>...;..r.......(.D..|D....x..xZ.d=.[".F.......Y..l.il..."?[..7...b...+;>.N./.`=...2=<....l..(ln.7.....\..L..?Z..$.....zA........m.....i.:.'...S......W...:...\...5k.t...Oz..........{ .....DV67..f...!*...V.B...j..$...n..r......3M........e..)..|..+;.5K@.B.%V..R$.y.+$)!)FW ...zno..d_..[..[......I..7Q....o.$H.h=.Ah...8.....7s. .. .nbX.....u...`G5..5.....Qt.p.Z..2.'I.4.M..aD.!......./..9Q.F...).I.6T..<.~:..\.,...oV.h..6..M...%I..V..%@.....G..?I...]Z.er....jR..Z..S9.{...........b..p<Ca.@..._.o.w.....v..........G...=..yh'P.A...r,../..b.!.....:;9{.7.&..Q..!M.+'..D..#....0X...J.t.}.....Z.\.7....=....;[..k8p..}....1.d..<,ec.tao....../?..N.l..|e...m.N.o.r........._.[?.W ..K;..0..D..Z_}_<....".fAz;..Sh.$>.............4*..t....>..4.6..^xu..(v:.....NS.]N....P..^.+m..I.>.....s..n.X.u{.C..7.....oo..8..P..{<...j".Ma..7YBf..#.#U..h&.G6h...o...G_..]...r*....jl..6Wi........3.^..?./.q.NfR2.v.F.8_.jV..I.........'.c7.Z"......].R...

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\2d1f6f79-81f3-473d-8216-1a37b45ec4f7.tmp

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):17695
                                                                                                                                                                                              Entropy (8bit):6.06039309064084
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:RtMkaMJH2m8qVT8IeQ0I5t0b9lQg0gNlnAx0D3ay8j3F:LMkbJrT8IeQcrQgisKy21
                                                                                                                                                                                              MD5:1838519F4A1567AAFEB3A6B77ACD839C
                                                                                                                                                                                              SHA1:E5B319BC81F59A12062884B925228427A5424C34
                                                                                                                                                                                              SHA-256:D7B09525C626924A078830F8B7193F2B0B73D22079419F051857DB11ED60487B
                                                                                                                                                                                              SHA-512:F5755573D7CF3D0CE3A1C1564ED682A46BD99A10B512DEC749EAF4723B8A3104F85A594DC7754ED78BD07411E82415B186E8470F446E396760FBC8DDEA9A864A
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:{"desktop_session_duration_tracker":{"last_session_end_timestamp":"1730552712"},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNorvM4+RiU6+CjD0kb+pHz7rRm3rXSyzABnWdKBG+Ijlx7hEE4QTzo+AB6fnDLLJBpo7PKv8Ob367/KjUg8mcY6CmCjTJCmtsWFOcUf5vj04cw0e1yZe2WAl8svFn5IC43jfc+dLnGrEyDwAicHCxNdhlrVa5LEtTgt5u2lAK02pd198r5dr5VYgHj55vViEOsF96z3F4ONrN2yeYHGQlo5wvtB8h5moYSz3q4XkgOLF68CtN9bg4RrXXMpaCsrtm158Ii7QF+b2Xe4pcP9WmmQQPfW3MPK3vutAkF92eZ7P7Xw59TAM/Xo+dJlBvYcfjI+KQYiMwDeq8wvchf+8fPfPPLcZ/KFm8bG4FljbVPigsVWQEqHL2vBay66hdg1F7Kydil8K9Pwl4L

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\78573ade-3120-4d18-a474-6f1a753617c0.tmp

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16410
                                                                                                                                                                                              Entropy (8bit):6.066678103070566
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:RtMkaMJH2m8qVT8IeQ0I5t0b9lQg0mNBSnAxM3ay8j3F:LMkbJrT8IeQcrQg9MKy21
                                                                                                                                                                                              MD5:FFA63CC254882AC72C8CE0F9B0D73389
                                                                                                                                                                                              SHA1:63F7BB02E1A760A60A61C6C1707E2D845B2002E5
                                                                                                                                                                                              SHA-256:3B216F8C3F988A80BB45A18E5E5A00F9CE837FDB8020F85F1E4BD0D4BDE2373B
                                                                                                                                                                                              SHA-512:A8233EFADC64C05FDAC25A6D2CD9CC18630564BF5D775C2C21895846695154A3A458DBB63F7E32687FEB05A09FEB01C3580CF99E31D58E88C93C448E8198D7D7
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:{"desktop_session_duration_tracker":{"last_session_end_timestamp":"1730552712"},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNorvM4+RiU6+CjD0kb+pHz7rRm3rXSyzABnWdKBG+Ijlx7hEE4QTzo+AB6fnDLLJBpo7PKv8Ob367/KjUg8mcY6CmCjTJCmtsWFOcUf5vj04cw0e1yZe2WAl8svFn5IC43jfc+dLnGrEyDwAicHCxNdhlrVa5LEtTgt5u2lAK02pd198r5dr5VYgHj55vViEOsF96z3F4ONrN2yeYHGQlo5wvtB8h5moYSz3q4XkgOLF68CtN9bg4RrXXMpaCsrtm158Ii7QF+b2Xe4pcP9WmmQQPfW3MPK3vutAkF92eZ7P7Xw59TAM/Xo+dJlBvYcfjI+KQYiMwDeq8wvchf+8fPfPPLcZ/KFm8bG4FljbVPigsVWQEqHL2vBay66hdg1F7Kydil8K9Pwl4L

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\8010f785-2c95-45c8-ad10-e963f469d23b.tmp

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):953
                                                                                                                                                                                              Entropy (8bit):5.723580365691726
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:YKWJu5rrtsk4gDoQXR1qqtBRaeCiWO2vbvXHLQQRCYfYg:Yqfx4g3FBRZ32Dv3kB0
                                                                                                                                                                                              MD5:845216B3483F0B36FAA6AEDAD4516142
                                                                                                                                                                                              SHA1:07CE303AFF85307A27955587D90CDA6780BD2CE0
                                                                                                                                                                                              SHA-256:8F3B47E87DC14A102403F7E7D236CD4898DFFECEFA8ADC70626F030DEEBAA975
                                                                                                                                                                                              SHA-512:770139BB40928EC4FB9EEF19C38BA1F577EABE85ABD2E11D82114754CDF0E75C082F4DDCD9B80BAB398EED5FDE18509AB5ED5D27D0F06939394A383ED9C55B32
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:{"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAACde9GjpdpiRpaMIGnk6V2uEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAADcOGPJJDW7Ws9BEI0LmxwFCS5m0G91BJ4rgZ9ElbLo8QAAAAAOgAAAAAIAACAAAAC4wiTMrUy3pjnHP1vsbrg/NVxDC4wzpHWt1sNG/hfHyjAAAAAwMmfoE9mhK6+B2PhkFNv4NfC04a72VD6zpYZ8DyqnwF4xEYRUcSoujaBAszSXwApAAAAALM2xOqE+GYirPt3Ba4tCOmhMLA3aoQ12rGMqdIV+iDsS31Hpvm93b64CE+/CfXOYYoqOg3fDb/uxmq50cf4MzQ=="},"uninstall_metrics":{"installation_date2":"1730552703"},"user_experience_metrics":{"client_id2":"{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}C:\\Users\\user0s:92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A","diagnostics":{"last_data_collection_level_on_launch":1},"low_entropy_source3":4083,"pseudo_low_entropy_source":1211,"reset_client_id_deterministic":true,"stability":{"browser_last_live_timestamp":"13375026303310552","stats_buildtime":"1695934310","stats_version":"117.0.2045.47-64","system_crash_count":0}}}

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\98840632-c8e7-4ab7-9d2a-e24b9c923e38.tmp

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2056
                                                                                                                                                                                              Entropy (8bit):5.464356778719164
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:YDEFMsFiHC0afx4g3hef5npGHB+CdrxjBRZ30RDT3kBG/d2a:PNkC1fx4gMRpQB3xrZADT3kI4a
                                                                                                                                                                                              MD5:DC81556ADD81F386AEFEFBAE5991C8F3
                                                                                                                                                                                              SHA1:CA981E338E1F1807433C3CD06915BEA3189D5AE6
                                                                                                                                                                                              SHA-256:F7CF0D06BFEEA8B4AC416F8A6D82C54B65922C9F65D2D7011C22C33A564E9A98
                                                                                                                                                                                              SHA-512:0484D9A2832730591955921BF9ACFF5C817ADAA64AE0B5F37FA9496CB4FC9F67827367109EF155062959A008540FA5EE49A35A50161B2E17C42FA7A8EE0AB15C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:{"dual_user":{"ie_to_edge":{"redirection_mode":0}},"edge":{"tab_stabs":{"closed_without_unfreeze_never_unfrozen":0,"closed_without_unfreeze_previously_unfrozen":0,"discard_without_unfreeze_never_unfrozen":0,"discard_without_unfreeze_previously_unfrozen":0},"tab_stats":{"frozen_daily":0,"unfrozen_daily":0}},"hardware_acceleration_mode_previous":true,"legacy":{"profile":{"name":{"migrated":true}}},"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAACde9GjpdpiRpaMIGnk6V2uEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAADcOGPJJDW7Ws9BEI0LmxwFCS5m0G91BJ4rgZ9ElbLo8QAAAAAOgAAAAAIAACAAAAC4wiTMrUy3pjnHP1vsbrg/NVxDC4wzpHWt1sNG/hfHyjAAAAAwMmfoE9mhK6+B2PhkFNv4NfC04a72VD6zpYZ8DyqnwF4xEYRUcSoujaBAszSXwApAAAAALM2xOqE+GYirPt3Ba4tCOmhMLA3aoQ12rGMqdIV+iDsS31Hpvm93b64CE+/CfXOYYoqOg3fDb/uxmq50cf4MzQ=="},"policy":{"last_statistics_update":"13375026304061848"},"profile":{"info_cache":{},"profile_counts_reported":"13375026304074265","profiles_order":[]},

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\BrowserMetrics-spare.pma (copy)

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1310720
                                                                                                                                                                                              Entropy (8bit):0.0
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3::
                                                                                                                                                                                              MD5:1045BFD216AE1AE480DD0EF626F5FF39
                                                                                                                                                                                              SHA1:377E869BC123602E9B568816B76BE600ED03DBD0
                                                                                                                                                                                              SHA-256:439292E489A0A35E4A3A0FE304EA1A680337243FA53B135AA9310881E1D7E078
                                                                                                                                                                                              SHA-512:F9F8FCC23FC084AF69D7C9ABB0EF72C4684AC8DDF7FA6B2028E2F19FD67435F28534C0CF5B17453DFE352437C777D6F71CFE1D6AD3542AD9D636263400908FD2
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\BrowserMetrics-spare.pma.tmp

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1310720
                                                                                                                                                                                              Entropy (8bit):0.0
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3::
                                                                                                                                                                                              MD5:1045BFD216AE1AE480DD0EF626F5FF39
                                                                                                                                                                                              SHA1:377E869BC123602E9B568816B76BE600ED03DBD0
                                                                                                                                                                                              SHA-256:439292E489A0A35E4A3A0FE304EA1A680337243FA53B135AA9310881E1D7E078
                                                                                                                                                                                              SHA-512:F9F8FCC23FC084AF69D7C9ABB0EF72C4684AC8DDF7FA6B2028E2F19FD67435F28534C0CF5B17453DFE352437C777D6F71CFE1D6AD3542AD9D636263400908FD2
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\BrowserMetrics\BrowserMetrics-6726237F-D5C.pma

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1310720
                                                                                                                                                                                              Entropy (8bit):0.6826398329979361
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:1536:QfffhVu/YQGZebM/DRGg1DRFFkRGHFLpshcwFpzrqZOhsnRG8VH:mnhE1GZebEcg1HFBZpqTrqrgg
                                                                                                                                                                                              MD5:5F6C5BE8A8B3120959A3A23948BECDDB
                                                                                                                                                                                              SHA1:EA2837F3F71097A3050DA79BEA5C2D80B534A1A6
                                                                                                                                                                                              SHA-256:F519132C505E1D5C4D81F2DE883AF783DA56A576026724F363CD4C8C9B7DA5A7
                                                                                                                                                                                              SHA-512:0465E5B78EF0EFC864D77A7C0F6DF2FA06692FD928753DDEA29C713394F51E7BE19D3FDB35FC7F3A00BD5A6CFCD4DC38DB8095ED0F08D6E464D3D1B592595A21
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:...@............C.].....@...................X...............`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30..............117.0.2045.47-64".en-GB*...Windows NT..10.0.190452(..x86_64..?........".hevrvd20,1...x86_64J....?.^o..P......................>..*........W:00000000000000000000000000000000000000000000!00000000000000000000000000000000000000000000!SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe.M1900/01/01:00:00:00!SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe".2.15.62...".*.:..............,..(.......EarlyProcessSingleton.......Default3.(..$.......msEdgeEDropUI.......triggered....8..4... ...msDelayLoadAuthenticationManager....triggered....<..8...#...msSleepingTabsShorterTimeoutDefault.....triggered....8..4... ...msEdgeMouseGestureDefaultEnabled....triggered....8..4.......

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Crashpad\settings.dat

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):280
                                                                                                                                                                                              Entropy (8bit):1.8887884248653344
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:FiWWltlJb+ltl/NEjYb1gmlx/ll:o1QlfCmlZl
                                                                                                                                                                                              MD5:4B9742B92112D6185410B35163663262
                                                                                                                                                                                              SHA1:4CDAB6EF2C13DE72BFC53DDF93298C52F6A6AF21
                                                                                                                                                                                              SHA-256:26B24843018AFF65955EB4227AA6533D8FDA393FC4E59EB4688F774E8DCE5527
                                                                                                                                                                                              SHA-512:BE2AA50E133BF90DD2E05A05D97F02D8905E4C546A0A83DED276305C38598CA95E82EC4F8A88649B86C1D9665A7C8F96D0EF4AE9B51960A758062AA946FC1EE9
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:sdPC.........................C.l....Z................................................................................................................................................................................................{F3017226-FE2A-4295-8BDF-00C3A9A7E4C.}C:........

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Crashpad\throttle_store.dat

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):20
                                                                                                                                                                                              Entropy (8bit):3.6219280948873624
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:8g6Vvn:8g6Vv
                                                                                                                                                                                              MD5:9E4E94633B73F4A7680240A0FFD6CD2C
                                                                                                                                                                                              SHA1:E68E02453CE22736169A56FDB59043D33668368F
                                                                                                                                                                                              SHA-256:41C91A9C93D76295746A149DCE7EBB3B9EE2CB551D84365FFF108E59A61CC304
                                                                                                                                                                                              SHA-512:193011A756B2368956C71A9A3AE8BC9537D99F52218F124B2E64545EEB5227861D372639052B74D0DD956CB33CA72A9107E069F1EF332B9645044849D14AF337
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:level=none expiry=0.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\31fed3e8-37e7-4eab-ba90-44575cbc82f5.tmp

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):6247
                                                                                                                                                                                              Entropy (8bit):4.834413471282478
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:st/x/ugws13PEb96G8zQ85eh6Cb7/x+6Mhmuec+W1eeGFePG8k+2MR7K:st/l+sd7GkQ88bV+FSWQlZr+PhK
                                                                                                                                                                                              MD5:7F64E664A5043E7528F83B26D6DEA0FA
                                                                                                                                                                                              SHA1:BFFCA3C830A104DC17FB6A99B9B5CAED5340D034
                                                                                                                                                                                              SHA-256:ACFDFA2D7DD2BAC392B2AF205966F06003549C45465941D29A34890FDF8F1580
                                                                                                                                                                                              SHA-512:BAD89228ACC7BDA33D48D36288D8FB6DCCB1F1F314A28C2D8170CF92F304387F8136B0E0060E8E7266774AB41E8EE7882FBCC6ED7DD2842BD24A7957A22B6A3C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13375026304235437","alternate_error_pages":{"backup":true,"enabled":false},"autocomplete":{"retention_policy_last_version":117},"autofill":{"autostuff_enabled":false,"credit_card_enabled":false,"custom_data_enabled":false,"custom_data_fill_enabled":false,"custom_data_identify_info_from_form_enabled":false,"custom_data_save_enabled":false},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false},"browser_content_container_height":600,"browser_content_container_width":960,"browser_content_container_x":0,"browser_content_container_y":0,"countryid_at_install":17224,"credentials_enable_service":false,"dips_timer_last_update":"13375026304383956","domain_diversity":{"last_reporting_timestamp":"13375026304578449"},"dual_user":{"consumer_mode":{"ie_user":false},"consumer_site_list_with_ie_entries":false,"consumer_sitelist_location":"","consumer_sitelist_version":"","external_consumer_shared_cookie_data":

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\3d683962-15ef-4828-91f4-23b18854f2d4.tmp

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):6185
                                                                                                                                                                                              Entropy (8bit):4.829771154611801
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:st/x/ugws13PEb96G8zQ85eh6Cb7/x+6Mhmuec+W1eeGFePGQk+2MR7K:st/l+sd7GkQ88bV+FSWQlZ3+PhK
                                                                                                                                                                                              MD5:78F003A0855B8268300DF043A6956BF1
                                                                                                                                                                                              SHA1:3EEDBB0F719A9AE84C955C2C4BDAFCF75D95C68A
                                                                                                                                                                                              SHA-256:818A51FE55CB2B3AA2052529FE2E3557B40DBA8ADAB3BC7446D4903FBAD6A9E9
                                                                                                                                                                                              SHA-512:7C6E3C1390CD7B17BF19B38A8EF8CFA21A391D83044AB3E38BEA8B3FBE0BF714B511728F713FC5CD3299150ED1283CC98B02F40E5294E7F8D0CF48DE93218ACF
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13375026304235437","alternate_error_pages":{"backup":true,"enabled":false},"autocomplete":{"retention_policy_last_version":117},"autofill":{"autostuff_enabled":false,"credit_card_enabled":false,"custom_data_enabled":false,"custom_data_fill_enabled":false,"custom_data_identify_info_from_form_enabled":false,"custom_data_save_enabled":false},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false},"browser_content_container_height":600,"browser_content_container_width":960,"browser_content_container_x":0,"browser_content_container_y":0,"countryid_at_install":17224,"credentials_enable_service":false,"dips_timer_last_update":"13375026304383956","domain_diversity":{"last_reporting_timestamp":"13375026304578449"},"dual_user":{"consumer_mode":{"ie_user":false},"consumer_site_list_with_ie_entries":false,"consumer_sitelist_location":"","consumer_sitelist_version":"","external_consumer_shared_cookie_data":

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\56b1ec8e-62ec-4e75-bcb8-8365322ea41d.tmp

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):6349
                                                                                                                                                                                              Entropy (8bit):4.837756278806447
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:st/x/ugws13PEb96G8zQ85eh6Cb7/x+6Mhmuec+W1eeGFePGXB3+2MR7K:st/l+sd7GkQ88bV+FSWQlZXB+PhK
                                                                                                                                                                                              MD5:6BB2D3917A276D6335122746C195B46F
                                                                                                                                                                                              SHA1:486C6D060CDD4ADBEEC62E6C1F8C5C339F9DED89
                                                                                                                                                                                              SHA-256:888CDCEE08B2000DB1D66C747823709A8BD4F5FD0F1BEA34156BA7E55C3611AE
                                                                                                                                                                                              SHA-512:822E130BF459D2C90298224308EB8316D061E665DCA107F4EEC81C56DB3C1087487A9C8EA63E96A48C2076FE31420160F3DD49292C20C54F482FB98905FF8F33
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13375026304235437","alternate_error_pages":{"backup":true,"enabled":false},"autocomplete":{"retention_policy_last_version":117},"autofill":{"autostuff_enabled":false,"credit_card_enabled":false,"custom_data_enabled":false,"custom_data_fill_enabled":false,"custom_data_identify_info_from_form_enabled":false,"custom_data_save_enabled":false},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false},"browser_content_container_height":600,"browser_content_container_width":960,"browser_content_container_x":0,"browser_content_container_y":0,"countryid_at_install":17224,"credentials_enable_service":false,"dips_timer_last_update":"13375026304383956","domain_diversity":{"last_reporting_timestamp":"13375026304578449"},"dual_user":{"consumer_mode":{"ie_user":false},"consumer_site_list_with_ie_entries":false,"consumer_sitelist_location":"","consumer_sitelist_version":"","external_consumer_shared_cookie_data":

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\AssistanceHome\AssistanceHomeSQLite

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):12288
                                                                                                                                                                                              Entropy (8bit):0.3202460253800455
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:l9bNFlEuWk8TRH9MRumWEyE4gLueXdNOmWxFxCxmWxYgCxmW5y/mWz4ynLAtD/W4:TLiuWkMORuHEyESeXdwDQ3SOAtD/ie
                                                                                                                                                                                              MD5:40B18EC43DB334E7B3F6295C7626F28D
                                                                                                                                                                                              SHA1:0E46584B0E0A9703C6B2EC1D246F41E63AF2296F
                                                                                                                                                                                              SHA-256:85E961767239E90A361FB6AA0A3FD9DAA57CAAF9E30599BB70124F1954B751C8
                                                                                                                                                                                              SHA-512:8BDACDC4A9559E4273AD01407D5D411035EECD927385A51172F401558444AD29B5AD2DC5562D1101244665EBE86BBDDE072E75ECA050B051482005EB6A52CDBD
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Cache\Cache_Data\data_0

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):45056
                                                                                                                                                                                              Entropy (8bit):0.052072547622753
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:/F4LZmU6CkNSXdJwQmjSv/1+J9HtqScHNatq4CJ4T:d4F6nNkdJrd1+JjqSxong
                                                                                                                                                                                              MD5:D70A71406905AB38A4FA6172B08B23D4
                                                                                                                                                                                              SHA1:6713910D4574B4AF29A0121C5A76A08F03284436
                                                                                                                                                                                              SHA-256:9D5ACE2A6CE495441BED585A778A05E4C25998E392249402FDF0552FAA7A36E8
                                                                                                                                                                                              SHA-512:2E84999A0AF67ADCA366121943DC91837B14A99734BCFB5D29E0E3F3EF127307A8752586C3B16940FE746C547CF76693B52A069D690B10C9F7F395CE976129C1
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:............$...................................................................?.......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Cache\Cache_Data\data_1

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):270336
                                                                                                                                                                                              Entropy (8bit):0.062102332432457
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:3YkrCm2ebxM7dMG+SZtU1MdMG+Sn6dMG+SybgzU7oYH:IECr/7eNutteNteNbbJ7oYH
                                                                                                                                                                                              MD5:BEE8F4594E47387425DD909830B0112D
                                                                                                                                                                                              SHA1:080FB60690909CB7BA02AA38DEA4C1C53E8684D1
                                                                                                                                                                                              SHA-256:0138812292E5C16668B1134B0BED843EFD1D4B883BD64AB0BDE5F675E3BFB393
                                                                                                                                                                                              SHA-512:4B27D640C7774BD9C8FE9A2E1689E3C67DF63783625CE59FD2E0510D9A8932C6EF6B716E7B9911D2D266F00D8988C7260ECEFD2D69FE9245EA9510986C752B61
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Cache\Cache_Data\data_2

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1056768
                                                                                                                                                                                              Entropy (8bit):0.27392528212164174
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:7x65pnJtbVAcVwepHX+5pnJtbcHi25pnJtbl/kUJtT:k5RJtRDVBE5RJtN25RJthcUJt
                                                                                                                                                                                              MD5:919DF2264FAF8F8EBA133EF23798C655
                                                                                                                                                                                              SHA1:FC332B3D4D7E4F4F03B48E4FF0CAFF0D179E1506
                                                                                                                                                                                              SHA-256:F679624F53F5704656A34BC3C3C15B777F3CF7C5CB5B3B49A188826ACA03F909
                                                                                                                                                                                              SHA-512:71F9FDE674BA41F306B992CF61862E256B28F4195066A6C663C9AA38323A8DEBC8C5C343AAB56A6FE4478765EE1DA058580636A10CF13572402A7E0D6D29C651
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Cache\Cache_Data\data_3

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:dBase III DBT, next free block index 3238316739, block length 1024
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4202496
                                                                                                                                                                                              Entropy (8bit):0.0779817699287017
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:by0PWuizJtth6UW1qRAHZJtPTK+kUCfG:byiNcJtTJG5Jt
                                                                                                                                                                                              MD5:513624D6C89274BF78A94F83197D18D6
                                                                                                                                                                                              SHA1:DEEC87A24EB4DE3F30E8FB0D817A688918D46A01
                                                                                                                                                                                              SHA-256:DF9D235346976CB52E6B62C408071DAFAAC94FCDB2E3E7573DEE8F21ADEB1F3F
                                                                                                                                                                                              SHA-512:D03A4C9E49E1CDFBAB3CE10C1BDD01DD5F6448E04B34180DC24D7E5D6519D3918635049A238E36A4870A5E012A360F596054B5EA692355396EC4121008E22DBE
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Cache\Cache_Data\f_000001

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:ASCII text, with very long lines (5945)
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):328311
                                                                                                                                                                                              Entropy (8bit):5.57783893421832
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6144:g4dsGLgB4zoOAl0n9cM8rT/e2tLUZ9Or24AZ3:Jdhc4zoOILmYs
                                                                                                                                                                                              MD5:81A0E705F117414CBB00695C83D7567C
                                                                                                                                                                                              SHA1:00C62C15E47D212C157AAC27433148D7FDB5B962
                                                                                                                                                                                              SHA-256:94FFE5075325299CFE7B9B8088414F1E6E70FB935EE26860E8229A860C26D15D
                                                                                                                                                                                              SHA-512:EB2E599C64E1AE750BFDAA54B34563D048F2C6C816AA2862065A8A27B11242033D735540A39BAB42F34EE994C3A54CA8F2652434505AB5A4B6C982D641A7D229
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"1",. . "macros":[{"function":"__e"},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_1p_data_v2","priority":13,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionType":"CSS_SELECTOR","vtp_autoEmailEnabled":true,"vtp_postalCodeValue":"","vtp_lastNameValue":"","vtp_phoneType":"CSS_SELECTOR","vtp_phoneValue":"","vtp_streetType":"CSS_SELECTOR","vtp_autoPhoneEnabled":false,"vtp_postalCodeType":"CSS_SELECTOR","vtp_emailValue":"","vtp_firstNameValue":"","vtp_streetValue":"","vtp_lastNameType":"CSS_SELECTOR","vtp_autoAddressEnabled":false,"vtp_regionValue":"","vtp_countryValue":"",

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Cache\Cache_Data\f_000002

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:Web Open Font Format (Version 2), TrueType, length 39412, version 1.0
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):39412
                                                                                                                                                                                              Entropy (8bit):7.994813967545731
                                                                                                                                                                                              Encrypted:true
                                                                                                                                                                                              SSDEEP:768:XoBgRc77oGKiWrKa8vHhcHAJB4k13m9UnUAfSibnSqby8NfF0xduU7eUqDX:4BgRc77fwcBcHA5VnUriWqpNfFe0P
                                                                                                                                                                                              MD5:F00895393A31C17C1D38B3CA7A0C803F
                                                                                                                                                                                              SHA1:FA19070E138B46A2D4234AF45CCE46F0AA769AD9
                                                                                                                                                                                              SHA-256:91C01EC0DE315F973F4C00041B7AE25E1A790CEDFF79A6FBB56C571BBA379142
                                                                                                                                                                                              SHA-512:BEEC64CCE537A12235CB1E063FD7870209E2AEFA5839CBBADD16782CADB86C73567E9DAFAEE662D50ACA0AAAB7F5F65FE6D7E3BD6830B2D49CFCC9C58B72AE73
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:wOF2...................}..........................D.. ..^?HVAR."?MVARP.`?STAT.N'...4/l.....,....4.0..p.6.$..d. ..J..6..[..Q".;b3...p..Ve...m..v..Q..K.;..n.........Td.h.v...?.3.*..'J..r..M..10..NE......Kq).iJ].a.NlQ."........\.N^......\.....X..[G.,..~.I...L\d..L.P3....|. .r........o...[./.P.1...^y...3.w..".X....%.i..QqJ.;."..)O.O..m...r@.$..h.7....e..~t..{..k=k..qu..........1.}....&.....!.....%.*...!yZ...~......' A...*...$.!~:.J.R..&m........f..E..Dg.`x;.....96........,t2i.*.un..$b.'...a-......X.9I..m.j.$...C:.F#...C............n.....c.....[....93I....B..,.l.g^K~.wE...[...rZ...`.....#.......l.....%qb ."[.-h.Y.e;........Z6..Dw..s..d.9.9....`..!.....!(.y'K...v.Ti..)\4.C,M.. .4.M....|...F`[..${.T..S&..(......K!..@&....\.....B9...@......t/|..2..aw.$. H<.A....e..._.i.v........s....X.r-#..^.)T)j|..?C.g@.6.K.g..>f].py...q.s6....{...u..._..e........L...4S.....j.......tx$w..pJEe.c...E.>....a.dB...(....)m.._.1..R.B.g.b.T.......b.....y.V$.w)..G..(... ...n|.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Cache\Cache_Data\index

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):524656
                                                                                                                                                                                              Entropy (8bit):5.027445846313988E-4
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:LsultmhKl:LsThKl
                                                                                                                                                                                              MD5:A4289E034A5122EFE044FCAC3CFAA666
                                                                                                                                                                                              SHA1:0F31383A5C45108B17B624877F46ED0CF8B63A3A
                                                                                                                                                                                              SHA-256:CA0B284A55C342F3B1353588DEA5C7A3CA9890A7019A130A5928169600C5AC77
                                                                                                                                                                                              SHA-512:693FA1C1515295850ADA41D87EB02A854E5331825D18B751221680FA2F9B7768C5384F21BB6511AF6000BA11C4DBA2C424842474F6593881C292A76E27FFB416
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:............................................../.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Code Cache\js\0f4629ddf59494ce_0

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):280
                                                                                                                                                                                              Entropy (8bit):5.6755469921401716
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:mobs/V/7Nbng/8K7N96tvNlX5oEvhmcslKj7TafwSb:fbs/vbng/j96PrVwwH
                                                                                                                                                                                              MD5:7113BB318445FE1A79A424E117ED9272
                                                                                                                                                                                              SHA1:3B17B9ADD794C67F5BB6A34CE33FC16ECF491CB5
                                                                                                                                                                                              SHA-256:44E1138D24A21F05A0D25809E7735734076C9125924D2168630195C211D15FB2
                                                                                                                                                                                              SHA-512:80A892E65A43DED4213480044E93DCC0B48C4EB3EAA1E290BD8453C8923336817388338F324EBE978DF06FE65F86945CB37CE3653AFD4D3F0A6C535275B1D054
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:0\r..m......d...K......._keyhttp://tauri.localhost/_next/static/chunks/app/page-129540f794e5c8e9.js .http://tauri.localhost/.A..Eo......................../.@............s..3..,.W.I.tQd)EO./.r.>.....Ra....Z............lp.....3...V+.C.0..w.....n....._X...%..A..Eo......qi..L.......

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Code Cache\js\310c665fd40e58f6_0

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):256
                                                                                                                                                                                              Entropy (8bit):5.556345870979076
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:mEin/7NiAG1HXLdK7N96tcKlXsBryl0odJsukJ/u:zixY1HXLY96q+8BAsuuG
                                                                                                                                                                                              MD5:A4942F94D26BCD71D18D107C2BEADC87
                                                                                                                                                                                              SHA1:9475F2DD9769348A08B864B4BB5A46FD3A794701
                                                                                                                                                                                              SHA-256:3478FB5756870564AFEBF72242BAA9AA13F9449A0A43FF7FA4025DF17A5CA2FD
                                                                                                                                                                                              SHA-512:BCD22D9A8E001C659C5327B599C589ED2D8D16A4A3F03208578582A99E1987860551711247713F5D0D8BFA25A64FC491C53C54A4CEB93936F304AA471CEC07BD
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:0\r..m......L....E......_keyhttp://tauri.localhost/serviceWorkerRegister.js .http://tauri.localhost/.A..Eo......................../.@...........V9.Z..$.S..p..a..7*l..P..W.gY .....Z............lp..........`....=..3~}...9.?^.........A..Eo......\.^.L.......

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Code Cache\js\69435b4a9b85732d_0

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):280
                                                                                                                                                                                              Entropy (8bit):5.744029642538802
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:mQSlV/7NbnLTt5K7N96tYk8Elo/U6q7291kAl2p/:glvbn3ts96t8U6cp9R
                                                                                                                                                                                              MD5:36FC0F10DFBF8E8BE309741D4D005575
                                                                                                                                                                                              SHA1:7730763D9CB779B690B5146B83FF9332543BB588
                                                                                                                                                                                              SHA-256:8E2CF462FFF320A879F6E77B4B0884EC05AAF7FB23E84098ABCF6CD5C8B4997B
                                                                                                                                                                                              SHA-512:09C12D2FDC5ADBFFAFFEF9F93FE97A0D4C5C9F7F6352F7E9BC2FFCCF5FB4930A46BA5C6163AF53E33E86845CF205D0DD678F662775314D3C9EC3D6F3C1AE9926
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:0\r..m......d....]j...._keyhttp://tauri.localhost/_next/static/chunks/01b72599-0f638b08586f3199.js .http://tauri.localhost/.A..Eo.................. N..../.@...........X^.o.p.....:}...x.F4@..T#..<.......Z............wp..........]...A|i...%R......r.z...A..Eo......f.@IL.......

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Code Cache\js\7bcf9775628cdf6e_0

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):225
                                                                                                                                                                                              Entropy (8bit):5.452864646191545
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:m6GPYGLSmXZCelwK7N96tVQlQwXTGmoqgr/6:TGfLx96z5wXFobb
                                                                                                                                                                                              MD5:23CEF7725F1B296477A9FE76F39442AE
                                                                                                                                                                                              SHA1:FF7F0E0E145AFBB98B4F76FB6F0DDDC120A7AE43
                                                                                                                                                                                              SHA-256:2009BF970876511851B22651FBDAEFAA0C076973528C6A0C724564AE2D9B5025
                                                                                                                                                                                              SHA-512:40B05481F54F019B706814B1C7A93E3AD3AE71CB5C14473B7B9189CA58B580FA4C30C8BAEDC303A28146D186A6B27F38A8B0AD215AA0694A0C02A5D9E3E89966
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:0\r..m......U...`.3t...._keyhttps://www.googletagmanager.com/gtag/js?id=G-89WN60ZK2E .http://tauri.localhost/.A..Eo......................../.........Z...........H.p.....{.....h.MU...s...8O.........>...A..Eo..........$.......

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Code Cache\js\dcc42344399c76fa_0

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):279
                                                                                                                                                                                              Entropy (8bit):5.697790768907204
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:m8/7NbnqQ5VSHVNwK7N96tzStavnKjNsluct5MBC+ylGom4:Pbnb41R965n5t5MUVm
                                                                                                                                                                                              MD5:0DBC8BDD6E2340A8E125C0726AB2F852
                                                                                                                                                                                              SHA1:91887A3B3271FA3217C3CCAACD46CEA8B1253AB2
                                                                                                                                                                                              SHA-256:A66830B3D02FCC1C826865E6C8E8515B7A036551EFB149D39E34053758DF9C2B
                                                                                                                                                                                              SHA-512:7CD7851F4C4F47116AFD2C180CD51EA8B8C13EFDF6D7A5FFB58B5B53BBB054BFBFB705A69C2464AEA2FC14B8635BB8419A0932DEDF67A4D1EC5502B67E91A97D
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:0\r..m......c...J......._keyhttp://tauri.localhost/_next/static/chunks/webpack-e0b45412e1eb0783.js .http://tauri.localhost/.A..Eo......................../.@...........E...k..&...x...GV.....".9..H..G....Z............fp........ !....P........t.J.<f..8..A..Eo......Rh..L.......

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Code Cache\js\ed730aaf5fadc30a_0

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):282
                                                                                                                                                                                              Entropy (8bit):5.647346341286985
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:melX/7NbnEHKprNwK7N96tKUmXxQidFJhiEl2UJ0QcF6AVp:lbnuCrR960SwviVsdi6Mp
                                                                                                                                                                                              MD5:A8592B178586AAB784C1A788F29AD764
                                                                                                                                                                                              SHA1:1789EC2C6B1289868EB7125728D9E8766A420C95
                                                                                                                                                                                              SHA-256:E691BE7E8A143E0B27372ECB822405901A386703D1D6344C114E15C5F8E8BBD1
                                                                                                                                                                                              SHA-512:1A94B8AEFA4FD0256A50D3786E82BE7431854D840BFA3F1CEE32682524D525E570C9DECF934D0D474E57FB3FEC05151C2D56B25B61505E7C648A5802209DBDB0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:0\r..m......f......J...._keyhttp://tauri.localhost/_next/static/chunks/app/layout-be1761bb631d6d7a.js .http://tauri.localhost/.A..Eo...................n..../.@....................k.5>.^..&*B...............Z............lp.......m.b.er..y./.8....h6.y7..).8.A.A..Eo......)#..L.......

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Code Cache\js\index

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):24
                                                                                                                                                                                              Entropy (8bit):2.1431558784658327
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:m+l:m
                                                                                                                                                                                              MD5:54CB446F628B2EA4A5BCE5769910512E
                                                                                                                                                                                              SHA1:C27CA848427FE87F5CF4D0E0E3CD57151B0D820D
                                                                                                                                                                                              SHA-256:FBCFE23A2ECB82B7100C50811691DDE0A33AA3DA8D176BE9882A9DB485DC0F2D
                                                                                                                                                                                              SHA-512:8F6ED2E91AED9BD415789B1DBE591E7EAB29F3F1B48FDFA5E864D7BF4AE554ACC5D82B4097A770DABC228523253623E4296C5023CF48252E1B94382C43123CB0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:0\r..m..................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Code Cache\js\index-dir\temp-index

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:COM executable for DOS
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):192
                                                                                                                                                                                              Entropy (8bit):4.551730637924854
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:zJPye1Nll/lOlnRlnlx61XHxQ45UI7vyhamP1WZmh+ITvlaM+:5LcwR2T8qhtcZ321+
                                                                                                                                                                                              MD5:BEC57FCBD3A91B792C7FAD098A13CAF8
                                                                                                                                                                                              SHA1:C754E9A66D2CFD13DA4FA0B58F673DD41BDC0F34
                                                                                                                                                                                              SHA-256:CEBBEFD3B95E5053E88DFD20721EF88D160B9827A594396A2DAD066B84F1A6F6
                                                                                                                                                                                              SHA-512:4953F02FAD1E5C4213461AA5E7E53171034E4F730F541597D804A20772FC8F7B0F542288B25B76E33C469A4B951D739644988DF879C71009424A147F73DB47E9
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.......oy retne........................n.bu..{..N.../..........X.._f.1.)..../.............)F..)..../.........-s..J[Ci.. .../..........._..s..)..../..........v.9D#......./...........W.../.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Code Cache\js\index-dir\the-real-index (copy)

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:COM executable for DOS
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):192
                                                                                                                                                                                              Entropy (8bit):4.551730637924854
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:zJPye1Nll/lOlnRlnlx61XHxQ45UI7vyhamP1WZmh+ITvlaM+:5LcwR2T8qhtcZ321+
                                                                                                                                                                                              MD5:BEC57FCBD3A91B792C7FAD098A13CAF8
                                                                                                                                                                                              SHA1:C754E9A66D2CFD13DA4FA0B58F673DD41BDC0F34
                                                                                                                                                                                              SHA-256:CEBBEFD3B95E5053E88DFD20721EF88D160B9827A594396A2DAD066B84F1A6F6
                                                                                                                                                                                              SHA-512:4953F02FAD1E5C4213461AA5E7E53171034E4F730F541597D804A20772FC8F7B0F542288B25B76E33C469A4B951D739644988DF879C71009424A147F73DB47E9
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.......oy retne........................n.bu..{..N.../..........X.._f.1.)..../.............)F..)..../.........-s..J[Ci.. .../..........._..s..)..../..........v.9D#......./...........W.../.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Code Cache\js\index-dir\the-real-index~RF70d1d6.TMP (copy)

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:COM executable for DOS
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):192
                                                                                                                                                                                              Entropy (8bit):4.551730637924854
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:zJPye1Nll/lOlnRlnlx61XHxQ45UI7vyhamP1WZmh+ITvlaM+:5LcwR2T8qhtcZ321+
                                                                                                                                                                                              MD5:BEC57FCBD3A91B792C7FAD098A13CAF8
                                                                                                                                                                                              SHA1:C754E9A66D2CFD13DA4FA0B58F673DD41BDC0F34
                                                                                                                                                                                              SHA-256:CEBBEFD3B95E5053E88DFD20721EF88D160B9827A594396A2DAD066B84F1A6F6
                                                                                                                                                                                              SHA-512:4953F02FAD1E5C4213461AA5E7E53171034E4F730F541597D804A20772FC8F7B0F542288B25B76E33C469A4B951D739644988DF879C71009424A147F73DB47E9
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.......oy retne........................n.bu..{..N.../..........X.._f.1.)..../.............)F..)..../.........-s..J[Ci.. .../..........._..s..)..../..........v.9D#......./...........W.../.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Code Cache\wasm\index

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):24
                                                                                                                                                                                              Entropy (8bit):2.1431558784658327
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:m+l:m
                                                                                                                                                                                              MD5:54CB446F628B2EA4A5BCE5769910512E
                                                                                                                                                                                              SHA1:C27CA848427FE87F5CF4D0E0E3CD57151B0D820D
                                                                                                                                                                                              SHA-256:FBCFE23A2ECB82B7100C50811691DDE0A33AA3DA8D176BE9882A9DB485DC0F2D
                                                                                                                                                                                              SHA-512:8F6ED2E91AED9BD415789B1DBE591E7EAB29F3F1B48FDFA5E864D7BF4AE554ACC5D82B4097A770DABC228523253623E4296C5023CF48252E1B94382C43123CB0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:0\r..m..................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Code Cache\wasm\index-dir\temp-index

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):48
                                                                                                                                                                                              Entropy (8bit):2.955557653394731
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:mOZ9EHim:mxHim
                                                                                                                                                                                              MD5:A0D6F5C41B4FD02A6603DB0DE0E67123
                                                                                                                                                                                              SHA1:9FE7E53C252AF03152B77B5F85718DC4406207B6
                                                                                                                                                                                              SHA-256:82A1B7A1B5C82FDDBED86B3E9007A03151D82C5334B94A6D5EDC6860F27CCBCC
                                                                                                                                                                                              SHA-512:4971E8B07DB313AAA0D62A06F2D2959A297A18B7B1473C83A20BEEC8C0885E2991A2DFEC695376FABBCFC98C7B810F416F499E1A45C52DCF04164A03AF906A2B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:(...;.;.oy retne............................../.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Code Cache\wasm\index-dir\the-real-index (copy)

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):48
                                                                                                                                                                                              Entropy (8bit):2.955557653394731
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:mOZ9EHim:mxHim
                                                                                                                                                                                              MD5:A0D6F5C41B4FD02A6603DB0DE0E67123
                                                                                                                                                                                              SHA1:9FE7E53C252AF03152B77B5F85718DC4406207B6
                                                                                                                                                                                              SHA-256:82A1B7A1B5C82FDDBED86B3E9007A03151D82C5334B94A6D5EDC6860F27CCBCC
                                                                                                                                                                                              SHA-512:4971E8B07DB313AAA0D62A06F2D2959A297A18B7B1473C83A20BEEC8C0885E2991A2DFEC695376FABBCFC98C7B810F416F499E1A45C52DCF04164A03AF906A2B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:(...;.;.oy retne............................../.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\DIPS

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):28672
                                                                                                                                                                                              Entropy (8bit):0.46876696449196303
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:TLi5YFQq3qh7z3WMYziciNW9WkZ96UwOfB8s:TouQq3qh7z3bY2LNW9WMcUvB
                                                                                                                                                                                              MD5:3785E27E9AB5C79CF9DD28259DF52270
                                                                                                                                                                                              SHA1:7D8246004042D53F13B045617551E0E4610D33AB
                                                                                                                                                                                              SHA-256:C632FA9E985D5ED67447B06E4E5DE45E8D302C4759F339D897B606E4C92EAD8C
                                                                                                                                                                                              SHA-512:8B2A3A51AC2B2AFB881445699BCC16FA12AC2C973A3063F4D1C3B5823D77AFAD7A14D03A841CE22BB608B838BCDAF21CEF94B2D7C653DA65CB4A15CCE59E1544
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:SQLite format 3......@ ..........................................................................j..........g.....8...n................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\DawnCache\data_0

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):8192
                                                                                                                                                                                              Entropy (8bit):0.01057775872642915
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:MsFl:/F
                                                                                                                                                                                              MD5:CF89D16BB9107C631DAABF0C0EE58EFB
                                                                                                                                                                                              SHA1:3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B
                                                                                                                                                                                              SHA-256:D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E
                                                                                                                                                                                              SHA-512:8CB5B059C8105EB91E74A7D5952437AAA1ADA89763C5843E7B0F1B93D9EBE15ED40F287C652229291FAC02D712CF7FF5ECECEF276BA0D7DDC35558A3EC3F77B0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:............$...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\DawnCache\data_1

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):270336
                                                                                                                                                                                              Entropy (8bit):8.280239615765425E-4
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:MsEllllkEthXllkl2:/M/xT02
                                                                                                                                                                                              MD5:D0D388F3865D0523E451D6BA0BE34CC4
                                                                                                                                                                                              SHA1:8571C6A52AACC2747C048E3419E5657B74612995
                                                                                                                                                                                              SHA-256:902F30C1FB0597D0734BC34B979EC5D131F8F39A4B71B338083821216EC8D61B
                                                                                                                                                                                              SHA-512:376011D00DE659EB6082A74E862CFAC97A9BB508E0B740761505142E2D24EC1C30AA61EFBC1C0DD08FF0F34734444DE7F77DD90A6CA42B48A4C7FAD5F0BDDD17
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\DawnCache\data_2

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):8192
                                                                                                                                                                                              Entropy (8bit):0.011852361981932763
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:MsHlDll:/H
                                                                                                                                                                                              MD5:0962291D6D367570BEE5454721C17E11
                                                                                                                                                                                              SHA1:59D10A893EF321A706A9255176761366115BEDCB
                                                                                                                                                                                              SHA-256:EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7
                                                                                                                                                                                              SHA-512:F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\DawnCache\data_3

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):8192
                                                                                                                                                                                              Entropy (8bit):0.012340643231932763
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:MsGl3ll:/y
                                                                                                                                                                                              MD5:41876349CB12D6DB992F1309F22DF3F0
                                                                                                                                                                                              SHA1:5CF26B3420FC0302CD0A71E8D029739B8765BE27
                                                                                                                                                                                              SHA-256:E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C
                                                                                                                                                                                              SHA-512:E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\DawnCache\index

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):262512
                                                                                                                                                                                              Entropy (8bit):9.553120663130604E-4
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:LsNlu5:Ls3u
                                                                                                                                                                                              MD5:1A71249E65903DC5C8B776FB0A862232
                                                                                                                                                                                              SHA1:2B0F4BE2924C1E39C95487DD6148562B7890D331
                                                                                                                                                                                              SHA-256:9AF64A2B01AA6F2A68741F245E2D1D1C6D044A81B70E48E3C57878D9AB5183E8
                                                                                                                                                                                              SHA-512:90E21C0FE9D0F94F6B3EBFD8C90011AB998D6402C46E4BF5E2ABBAE3D4D4BF5F7BB0CC2DB82A35DABAB89511222D6EE0505C9AA03D53D6577F7766FF8636B2E8
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:............................................./.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\EdgeEDrop\EdgeEDropSQLite.db

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 14, database pages 8, cookie 0xe, schema 4, UTF-8, version-valid-for 14
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):32768
                                                                                                                                                                                              Entropy (8bit):0.494709561094235
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:TLEC30OIcqIn2o0FUFlA2cs0US5S693Xlej2:ThLaJUnAg0UB6I
                                                                                                                                                                                              MD5:CF7760533536E2AF66EA68BC3561B74D
                                                                                                                                                                                              SHA1:E991DE2EA8F42AE7E0A96A3B3B8AF87A689C8CCD
                                                                                                                                                                                              SHA-256:E1F183FAE5652BA52F5363A7E28BF62B53E7781314C9AB76B5708AF9918BE066
                                                                                                                                                                                              SHA-512:38B15FE7503F6DFF9D39BC74AA0150A7FF038029F973BE9A37456CDE6807BCBDEAB06E624331C8DFDABE95A5973B0EE26A391DB2587E614A37ADD50046470162
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:SQLite format 3......@ ..........................................................................j...i............t...c................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Extension Rules\000001.dbtmp

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16
                                                                                                                                                                                              Entropy (8bit):3.2743974703476995
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                              MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                              SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                              SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                              SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:MANIFEST-000001.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Extension Rules\000003.log

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):38
                                                                                                                                                                                              Entropy (8bit):1.8784775129881184
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:FQxlXNQxlX:qTCT
                                                                                                                                                                                              MD5:51A2CBB807F5085530DEC18E45CB8569
                                                                                                                                                                                              SHA1:7AD88CD3DE5844C7FC269C4500228A630016AB5B
                                                                                                                                                                                              SHA-256:1C43A1BDA1E458863C46DFAE7FB43BFB3E27802169F37320399B1DD799A819AC
                                                                                                                                                                                              SHA-512:B643A8FA75EDA90C89AB98F79D4D022BB81F1F62F50ED4E5440F487F22D1163671EC3AE73C4742C11830214173FF2935C785018318F4A4CAD413AE4EEEF985DF
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.f.5................f.5...............

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Extension Rules\CURRENT (copy)

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16
                                                                                                                                                                                              Entropy (8bit):3.2743974703476995
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                              MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                              SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                              SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                              SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:MANIFEST-000001.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Extension Rules\LOG

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):309
                                                                                                                                                                                              Entropy (8bit):5.264049032072682
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:Hukms1N723GKY4Cutm9paVdg2KLlVu4M+q2PN723GKY4Cutm9paPrqIFUv:tmMatYom9HLbM+vVatYom9o3FUv
                                                                                                                                                                                              MD5:E211B48E55A0A11FAE922EB8E4A22072
                                                                                                                                                                                              SHA1:3E948F0FE9D5F9E0C145827D4C9652E25604643A
                                                                                                                                                                                              SHA-256:59125AE25486083CAB5C9EDDC73D1C58A9D21E07AB2CE024085A9F534584CF1A
                                                                                                                                                                                              SHA-512:40DD39443CFD5EFF2D85DD43F71556A938688309A3A8FA2E322CF03FE8560DBD9127AECE8B3249FCC4AF75D078F80044727E978710C74DDB845742A058C84280
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:2024/11/02-09:05:04.277 1afc Creating DB C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Extension Rules since it was missing..2024/11/02-09:05:04.458 1afc Reusing MANIFEST C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Extension Rules/MANIFEST-000001.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Extension Rules\MANIFEST-000001

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:OpenPGP Secret Key
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):41
                                                                                                                                                                                              Entropy (8bit):4.704993772857998
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                              MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                              SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                              SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                              SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Extension Scripts\000001.dbtmp

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16
                                                                                                                                                                                              Entropy (8bit):3.2743974703476995
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                              MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                              SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                              SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                              SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:MANIFEST-000001.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Extension Scripts\000003.log

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):38
                                                                                                                                                                                              Entropy (8bit):1.8784775129881184
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:FQxlXNQxlX:qTCT
                                                                                                                                                                                              MD5:51A2CBB807F5085530DEC18E45CB8569
                                                                                                                                                                                              SHA1:7AD88CD3DE5844C7FC269C4500228A630016AB5B
                                                                                                                                                                                              SHA-256:1C43A1BDA1E458863C46DFAE7FB43BFB3E27802169F37320399B1DD799A819AC
                                                                                                                                                                                              SHA-512:B643A8FA75EDA90C89AB98F79D4D022BB81F1F62F50ED4E5440F487F22D1163671EC3AE73C4742C11830214173FF2935C785018318F4A4CAD413AE4EEEF985DF
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.f.5................f.5...............

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Extension Scripts\CURRENT (copy)

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16
                                                                                                                                                                                              Entropy (8bit):3.2743974703476995
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                              MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                              SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                              SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                              SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:MANIFEST-000001.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Extension Scripts\LOG

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):313
                                                                                                                                                                                              Entropy (8bit):5.238838329291772
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:Hul9s1N723GKY4Cutm9p6FB2KLlVudqM+q2PN723GKY4Cutm9p65IFUv:AMatYom9QFFLvM+vVatYom9QWFUv
                                                                                                                                                                                              MD5:E1EB32A3142D53C9265A4800AF1E3A96
                                                                                                                                                                                              SHA1:24C8749C3B974FD94A62BE5A94FCD21C69F63FD8
                                                                                                                                                                                              SHA-256:F539603582334C0EB8B28EB4CFEF6F8419FBD6FB6DD3D57DFEA8BEDDB10CBB73
                                                                                                                                                                                              SHA-512:95B49743D9C96E98606BBC6B497E87B23B3726F9A8C47BCA33CA205350F2636AE1C7957B4EFB7E4DD508ED16457A3574DBBB30D0D286720A778BA484CB95F187
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:2024/11/02-09:05:04.466 1afc Creating DB C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Extension Scripts since it was missing..2024/11/02-09:05:04.515 1afc Reusing MANIFEST C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Extension Scripts/MANIFEST-000001.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Extension Scripts\MANIFEST-000001

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:OpenPGP Secret Key
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):41
                                                                                                                                                                                              Entropy (8bit):4.704993772857998
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                              MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                              SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                              SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                              SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Extension State\000001.dbtmp

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16
                                                                                                                                                                                              Entropy (8bit):3.2743974703476995
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                              MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                              SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                              SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                              SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:MANIFEST-000001.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Extension State\000003.log

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):114
                                                                                                                                                                                              Entropy (8bit):1.8784775129881184
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:FQxlXNQxlXNQxlXNQxlXNQxlXNQxlX:qTCTCTCTCTCT
                                                                                                                                                                                              MD5:891A884B9FA2BFF4519F5F56D2A25D62
                                                                                                                                                                                              SHA1:B54A3C12EE78510CB269FB1D863047DD8F571DEA
                                                                                                                                                                                              SHA-256:E2610960C3757D1757F206C7B84378EFA22D86DCF161A98096A5F0E56E1A367E
                                                                                                                                                                                              SHA-512:CD50C3EE4DFB9C4EC051B20DD1E148A5015457EE0C1A29FFF482E62291B32097B07A069DB62951B32F209FD118FD77A46B8E8CC92DA3EAAE6110735D126A90EE
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.f.5................f.5................f.5................f.5................f.5................f.5...............

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Extension State\CURRENT (copy)

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16
                                                                                                                                                                                              Entropy (8bit):3.2743974703476995
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                              MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                              SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                              SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                              SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:MANIFEST-000001.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Extension State\LOG

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):309
                                                                                                                                                                                              Entropy (8bit):5.217505918141651
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:HuXms1N723GKY4Cutm9pYg2KLlVuR1M+q2PN723GKY4Cutm9pNIFUv:5MatYom9NLoM+vVatYom9wFUv
                                                                                                                                                                                              MD5:09D12CB18259D2DF7E3DAD35C3080C7A
                                                                                                                                                                                              SHA1:67F3CFFA0FD3616A5F387066CC4B370F4A18C888
                                                                                                                                                                                              SHA-256:8903204D247F24D43F3C03D4664B3B55437DC46711411ADD9D8AA60F1AB68F0B
                                                                                                                                                                                              SHA-512:25858E309E4D54432DE78878ABFF39BFC09B289CD0CED59BAD638B17BE3FDD476C366D16822552E79EE138B36CB4ED8373231B61CA7A929BE2E7650A10A4EB40
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:2024/11/02-09:05:04.571 1afc Creating DB C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Extension State since it was missing..2024/11/02-09:05:04.592 1afc Reusing MANIFEST C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Extension State/MANIFEST-000001.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Extension State\MANIFEST-000001

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:OpenPGP Secret Key
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):41
                                                                                                                                                                                              Entropy (8bit):4.704993772857998
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                              MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                              SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                              SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                              SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\ExtensionActivityComp

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 1, cookie 0x1, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):4096
                                                                                                                                                                                              Entropy (8bit):0.3169096321222068
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:lSWbNFl/sl+ltl4ltllOl83/XWEEabIDWzdWuAzTgdWj3FtFIU:l9bNFlEs1ok8fDEPDadUTgd81Z
                                                                                                                                                                                              MD5:2554AD7847B0D04963FDAE908DB81074
                                                                                                                                                                                              SHA1:F84ABD8D05D7B0DFB693485614ECF5204989B74A
                                                                                                                                                                                              SHA-256:F6EF01E679B9096A7D8A0BD8151422543B51E65142119A9F3271F25F966E6C42
                                                                                                                                                                                              SHA-512:13009172518387D77A67BBF86719527077BE9534D90CB06E7F34E1CCE7C40B49A185D892EE859A8BAFB69D5EBB6D667831A0FAFBA28AC1F44570C8B68F8C90A4
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\ExtensionActivityEdge

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 8, cookie 0x8, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):32768
                                                                                                                                                                                              Entropy (8bit):0.40981274649195937
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:TL1WK3iOvwxwwweePKmJIOAdQBVA/kjo/TJZwJ9OV3WOT/5eQQ:Tmm+/9ZW943WOT/
                                                                                                                                                                                              MD5:1A7F642FD4F71A656BE75B26B2D9ED79
                                                                                                                                                                                              SHA1:51BBF587FB0CCC2D726DDB95C96757CC2854CFAD
                                                                                                                                                                                              SHA-256:B96B6DDC10C29496069E16089DB0AB6911D7C13B82791868D583897C6D317977
                                                                                                                                                                                              SHA-512:FD14EADCF5F7AB271BE6D8EF682977D1A0B5199A142E4AB353614F2F96AE9B49A6F35A19CC237489F297141994A4A16B580F88FAC44486FCB22C05B2F1C3F7D1
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:SQLite format 3......@ ..........................................................................j............M.....8...b..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Favicons

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 2, database pages 12, cookie 0x8, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):24576
                                                                                                                                                                                              Entropy (8bit):1.7749337497024609
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:+Bmw6fU1zBuPBQnF8o9hykJA9X3tlCrhYWvUF19D+PiHdII48:+BCyupQFBhykJANlGitiPi1Z
                                                                                                                                                                                              MD5:7DD537A4AC5D7710D534D6C42FDA8A8D
                                                                                                                                                                                              SHA1:82D880C3615212EBC34CF614C3B5DDE7D5C89FDA
                                                                                                                                                                                              SHA-256:E3AD4DC37AE5F285A6C999C9BA19497A0EF606ACD8E70AB5D5176133B3F36C8E
                                                                                                                                                                                              SHA-512:E4F02435472F6BDD539F1CA00715C9E6FED933F3CCC787D547AF55AACE0E7F1AC628E577DF1722615D21588F1364EAC8E5AF6B75FEB83381EFC218AF858A34BC
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:SQLite format 3......@ ..........................................................................j..........g....._.c...~.2.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................s...;+...indexfavicon_bitmaps_icon_idfavico

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\GPUCache\data_0

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):8192
                                                                                                                                                                                              Entropy (8bit):0.01057775872642915
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:MsFl:/F
                                                                                                                                                                                              MD5:CF89D16BB9107C631DAABF0C0EE58EFB
                                                                                                                                                                                              SHA1:3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B
                                                                                                                                                                                              SHA-256:D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E
                                                                                                                                                                                              SHA-512:8CB5B059C8105EB91E74A7D5952437AAA1ADA89763C5843E7B0F1B93D9EBE15ED40F287C652229291FAC02D712CF7FF5ECECEF276BA0D7DDC35558A3EC3F77B0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:............$...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\GPUCache\data_1

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):270336
                                                                                                                                                                                              Entropy (8bit):8.280239615765425E-4
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:MsEllllkEthXllkl2:/M/xT02
                                                                                                                                                                                              MD5:D0D388F3865D0523E451D6BA0BE34CC4
                                                                                                                                                                                              SHA1:8571C6A52AACC2747C048E3419E5657B74612995
                                                                                                                                                                                              SHA-256:902F30C1FB0597D0734BC34B979EC5D131F8F39A4B71B338083821216EC8D61B
                                                                                                                                                                                              SHA-512:376011D00DE659EB6082A74E862CFAC97A9BB508E0B740761505142E2D24EC1C30AA61EFBC1C0DD08FF0F34734444DE7F77DD90A6CA42B48A4C7FAD5F0BDDD17
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\GPUCache\data_2

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):8192
                                                                                                                                                                                              Entropy (8bit):0.011852361981932763
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:MsHlDll:/H
                                                                                                                                                                                              MD5:0962291D6D367570BEE5454721C17E11
                                                                                                                                                                                              SHA1:59D10A893EF321A706A9255176761366115BEDCB
                                                                                                                                                                                              SHA-256:EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7
                                                                                                                                                                                              SHA-512:F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\GPUCache\data_3

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):8192
                                                                                                                                                                                              Entropy (8bit):0.012340643231932763
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:MsGl3ll:/y
                                                                                                                                                                                              MD5:41876349CB12D6DB992F1309F22DF3F0
                                                                                                                                                                                              SHA1:5CF26B3420FC0302CD0A71E8D029739B8765BE27
                                                                                                                                                                                              SHA-256:E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C
                                                                                                                                                                                              SHA-512:E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\GPUCache\index

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):262512
                                                                                                                                                                                              Entropy (8bit):9.553120663130604E-4
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:LsNl3eW+:Ls33
                                                                                                                                                                                              MD5:B9211986AFF7D7EFE85326D779270F1F
                                                                                                                                                                                              SHA1:D2F84E213E0AC4652BF07AD460875A05CDAC2490
                                                                                                                                                                                              SHA-256:E29BD07EF3C7E65F9FB69974EDBC1555E4ADA7E3B68D6B5FE6F19559B8999776
                                                                                                                                                                                              SHA-512:7A8AC621A6124CDD82C4AF330CF513700491E68AA6D9EE01ED6DA20F1D807954B65D97774C61D3AA92D53B5A8E654FDF92539B7908DACD2CD6AD600B05EE5F21
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:............................................../.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\History

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 38, cookie 0x1f, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):155648
                                                                                                                                                                                              Entropy (8bit):0.5878997965322033
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:+DhiWPsmWyejzH+bDoYysX0IxQzlkHtpVJNlYDLjGQLBE3CeE0kESfyOV:+D6XhH+bDo3iN0l2TVJkXBBE3ybBf5V
                                                                                                                                                                                              MD5:5C53996D7CDCCF02C212BEDF761E9BAA
                                                                                                                                                                                              SHA1:5803BEC35AAD766DFB02E21948E18198E1D65290
                                                                                                                                                                                              SHA-256:9EC0A157074B6678F50BBE84467A3A83C9CD46FFBA1309CEC781FB4B6D168422
                                                                                                                                                                                              SHA-512:F6E541E2B00305A3D47858A9BA9280B37EDF634C5C9EF78602F7E7E86CFF2DB1556F3E826C42242237F530CDB94817734F2FA3F5ECBFCB62EF9D6C12531D67F3
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:SQLite format 3......@ .......&..................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\History-journal

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):8720
                                                                                                                                                                                              Entropy (8bit):0.21917635620654863
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:qxlntFlljq7A/mhWJFuQ3yy7IOWU2Cl/dweytllrE9SFcTp4AGbNCV9RUIh:qQ75fOjl/d0Xi99pEYn
                                                                                                                                                                                              MD5:13945614A7AB7914F4F58F80C1FEB651
                                                                                                                                                                                              SHA1:76E89B8CBDD827AC11041D8D0C74BDAB69F06B9B
                                                                                                                                                                                              SHA-256:82581A4945CC77EFB2F32383B91EB1E652C4307ED9A475CAF2A51A58D7C7EC73
                                                                                                                                                                                              SHA-512:F0971A3A463D81DC831CD91D5F60553B0F40284A310E1E12742FC908213312368FA388E955020156AC7CFB960B373F1A49104D7C90362403542AEA8F3578901F
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:...................&....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\IndexedDB\http_tauri.localhost_0.indexeddb.leveldb\000001.dbtmp

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16
                                                                                                                                                                                              Entropy (8bit):3.2743974703476995
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                              MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                              SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                              SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                              SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:MANIFEST-000001.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\IndexedDB\http_tauri.localhost_0.indexeddb.leveldb\000003.log

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):132192
                                                                                                                                                                                              Entropy (8bit):4.639182137400105
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3072:UE/FHX7jSAumBj/ynqWFaqnIdWMQmPjoWVUtbMe3YoU5dEJXgq7:UEFqAJG
                                                                                                                                                                                              MD5:BE69D1CDCCD24F337B2E3C4B2226978D
                                                                                                                                                                                              SHA1:BC313CE80FBD4F330476E9E5F86FBE51BA93C056
                                                                                                                                                                                              SHA-256:6CE9F668EA28A824B6533D8F71C3D6245446B1BEC3EF1265D439D4BCCB7525BE
                                                                                                                                                                                              SHA-512:272417EA7C31849F1D5E3A857491781DA3DF9EC1DBEBFC768877EAAE0B1C5F2B822853BFE4AB5AFFE0048B1BAE684E9EA0B0246D5DF544832505EF2B0A708EE8
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:. ......................2......."....................................o..nz........................O.......h.t.t.p._.t.a.u.r.i...l.o.c.a.l.h.o.s.t._.0.@.1..k.e.y.v.a.l.-.s.t.o.r.e....................R.g.L.............................2.......................2.........................g...............................2....k.e.y.v.a.l......2............2..........2..........2..........2..........2..........2.............k.e.y.v.a.l........2.........2...........................2....................2........2....................2........2....................2........2....................2........2....................2........2....................2........2....................2........2....................2........2.......................k.e.y.v.a.l...... .................2.................2.................2.................2.................2.................2.................2.................2.................2.................2.................2.................2.....l.8.,.............

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\IndexedDB\http_tauri.localhost_0.indexeddb.leveldb\CURRENT (copy)

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16
                                                                                                                                                                                              Entropy (8bit):3.2743974703476995
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                              MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                              SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                              SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                              SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:MANIFEST-000001.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\IndexedDB\http_tauri.localhost_0.indexeddb.leveldb\LOG

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):377
                                                                                                                                                                                              Entropy (8bit):5.271536365681625
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:HuFLbEq1N723GKY4Cutm9VbNCM1vRB2KLlVuFLb/Aq2PN723GKY4Cutm9VbNCM1b:HaatYom9HtvRFLwovVatYom9HtviFUv
                                                                                                                                                                                              MD5:4D3176FDC916B747BCA021ED62B53392
                                                                                                                                                                                              SHA1:7EFF093F26D753BC8E75E1EEDDBD64BB6E718BB3
                                                                                                                                                                                              SHA-256:31D79C6AE6C405AC8224BCA9EBEDF541129916039D7223279AC2D5D4DB91A454
                                                                                                                                                                                              SHA-512:8F781F95444AA0ECA6729F6F0A5716850B8B3322AEF36CCB5E7E8574B03E2019236DBFD4F521B6AA4A5F988250299655BC2FFB1BF4DC5674D392E9118BC75C2B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:2024/11/02-09:05:11.360 af0 Creating DB C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\IndexedDB\http_tauri.localhost_0.indexeddb.leveldb since it was missing..2024/11/02-09:05:11.397 af0 Reusing MANIFEST C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\IndexedDB\http_tauri.localhost_0.indexeddb.leveldb/MANIFEST-000001.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\IndexedDB\http_tauri.localhost_0.indexeddb.leveldb\MANIFEST-000001

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):23
                                                                                                                                                                                              Entropy (8bit):4.142914673354254
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:Fdb+4Ll:Zl
                                                                                                                                                                                              MD5:3FD11FF447C1EE23538DC4D9724427A3
                                                                                                                                                                                              SHA1:1335E6F71CC4E3CF7025233523B4760F8893E9C9
                                                                                                                                                                                              SHA-256:720A78803B84CBCC8EB204D5CF8EA6EE2F693BE0AB2124DDF2B81455DE02A3ED
                                                                                                                                                                                              SHA-512:10A3BD3813014EB6F8C2993182E1FA382D745372F8921519E1D25F70D76F08640E84CB8D0B554CCD329A6B4E6DE6872328650FEFA91F98C3C0CFC204899EE824
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:........idb_cmp1......

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Local Storage\leveldb\000001.dbtmp

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16
                                                                                                                                                                                              Entropy (8bit):3.2743974703476995
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                              MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                              SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                              SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                              SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:MANIFEST-000001.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Local Storage\leveldb\CURRENT (copy)

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16
                                                                                                                                                                                              Entropy (8bit):3.2743974703476995
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                              MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                              SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                              SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                              SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:MANIFEST-000001.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Local Storage\leveldb\LOG

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):321
                                                                                                                                                                                              Entropy (8bit):5.281339843598944
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:Hu4jm3M1N723GKY4Cutm91a2jM8B2KLlVu4Bayq2PN723GKY4Cutm91a2jMGIFUv:XSsatYom91jFLLBayvVatYom91EFUv
                                                                                                                                                                                              MD5:DB40B418E551CFE543767F96C06D8658
                                                                                                                                                                                              SHA1:63802640DD52767E8C1FD30CE312EEA32DCD0693
                                                                                                                                                                                              SHA-256:6B68952C327FD5C2754657D2692A14F29E9066E7A33CD232AC630470E3D7DD97
                                                                                                                                                                                              SHA-512:F112CA8FE236C41AC9649102BF55D87689EC0D6AC45E701E6944351AD3CA2AF51424FC87921E05A8436FA11A2A993D2B37C1ABCBD75835BBF25628383C2573D6
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:2024/11/02-09:05:04.950 1734 Creating DB C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Local Storage\leveldb since it was missing..2024/11/02-09:05:05.004 1734 Reusing MANIFEST C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Local Storage\leveldb/MANIFEST-000001.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Local Storage\leveldb\MANIFEST-000001

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:OpenPGP Secret Key
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):41
                                                                                                                                                                                              Entropy (8bit):4.704993772857998
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                              MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                              SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                              SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                              SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Login Data

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 21, cookie 0xc, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):43008
                                                                                                                                                                                              Entropy (8bit):0.9009435143901008
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:C2BeymwLCn8MouB6wzFlXqiEqUvJKLuyn:C2TLG7IwRFqidn
                                                                                                                                                                                              MD5:FB3D677576C25FF04A308A1F627410B7
                                                                                                                                                                                              SHA1:97D530911F9CB0C37717ABB145D748982ADA0440
                                                                                                                                                                                              SHA-256:A79300470D18AF26E3C5B4F23F81915B92D490105CE84A8122BF8100EC0C7517
                                                                                                                                                                                              SHA-512:ED6666B064958B107E55BD76E52D2E5BF7A4791379902D208EF909A6B68803240D372CE03641249EB917C241B36A5684656A48D099A8A084AD34BA009857B098
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Network Action Predictor

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 11, cookie 0x6, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):45056
                                                                                                                                                                                              Entropy (8bit):0.40293591932113104
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:TLVgTjDk5Yk8k+/kCkzD3zzbLGfIzLihje90xq/WMFFfeFzfXVVlYWOT/CUFSe:Tmo9n+8dv/qALihje9kqL42WOT/9F
                                                                                                                                                                                              MD5:ADC0CFB8A1A20DE2C4AB738B413CBEA4
                                                                                                                                                                                              SHA1:238EF489E5FDC6EBB36F09D415FB353350E7097B
                                                                                                                                                                                              SHA-256:7C071E36A64FB1881258712C9880F155D9CBAC693BADCC391A1CB110C257CC37
                                                                                                                                                                                              SHA-512:38C8B7293B8F7BEF03299BAFB981EEEE309945B1BDE26ACDAD6FDD63247C21CA04D493A1DDAFC3B9A1904EFED998E9C7C0C8E98506FD4AC0AB252DFF34566B66
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:SQLite format 3......@ ..........................................................................j.......=......\.t.+.>...,...=........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Network\17ee67ac-4839-48f3-a686-e0bb7950ed35.tmp

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):1130
                                                                                                                                                                                              Entropy (8bit):5.295803503105462
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:YXsFESHEZli4/sF3Zli4YsF1XZli4/sFrSZlisHt0fbA7n7:YXsFESc1sFpesF1JRsFS/Ht0fbm
                                                                                                                                                                                              MD5:4C3EC2FFD650989E3537431C83E17E76
                                                                                                                                                                                              SHA1:5C38B80E1598699165D58FC75EA2BF9712735277
                                                                                                                                                                                              SHA-256:0A0885B165AE4031B79A08C9BCE2B2AE1E95E59FF8B36E207CF6D2BB979A5077
                                                                                                                                                                                              SHA-512:DA1DC67D3C9AA98293A71BAC6666D1AC408AD9ABD9314E47B43C348D884AB79969BC2744486876AC8F6B402E649F9AC3CA2EE9F5A74AAA7C12A3D06785BCEDE0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:{"net":{"http_server_properties":{"servers":[{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13377618307073277","port":443,"protocol_str":"quic"}],"anonymization":["HAAAABYAAABodHRwOi8vdGF1cmkubG9jYWxob3N0AAA=",false],"server":"https://www.googletagmanager.com"},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13377618315607935","port":443,"protocol_str":"quic"}],"anonymization":["HAAAABYAAABodHRwOi8vdGF1cmkubG9jYWxob3N0AAA=",false],"server":"https://fonts.googleapis.com"},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13377618316509058","port":443,"protocol_str":"quic"}],"anonymization":["HAAAABYAAABodHRwOi8vdGF1cmkubG9jYWxob3N0AAA=",false],"server":"https://fonts.gstatic.com"},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13377618321178071","port":443,"protocol_str":"quic"}],"anonymization":["HAAAABYAAABodHRwOi8vdGF1cmkubG9jYWxob3N0AAA=",false],"network_stats":{"srtt":931715},"server":"https://www.google-analytics.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Network\447e6a68-6dbf-40f5-b132-3993126c5c40.tmp

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):59
                                                                                                                                                                                              Entropy (8bit):4.619434150836742
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:YLbkVKJq0nMb1KKtiVY:YHkVKJTnMRK3VY
                                                                                                                                                                                              MD5:2800881C775077E1C4B6E06BF4676DE4
                                                                                                                                                                                              SHA1:2873631068C8B3B9495638C865915BE822442C8B
                                                                                                                                                                                              SHA-256:226EEC4486509917AA336AFEBD6FF65777B75B65F1FB06891D2A857A9421A974
                                                                                                                                                                                              SHA-512:E342407AB65CC68F1B3FD706CD0A37680A0864FFD30A6539730180EDE2CDCD732CC97AE0B9EF7DB12DA5C0F83E429DF0840DBF7596ACA859A0301665E517377B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:{"net":{"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Network\7826918b-515a-4a58-a7d2-86475207b6f9.tmp

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):59
                                                                                                                                                                                              Entropy (8bit):4.619434150836742
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:YLbkVKJq0nMb1KKqk1Yn:YHkVKJTnMRKXk1Yn
                                                                                                                                                                                              MD5:78BFCECB05ED1904EDCE3B60CB5C7E62
                                                                                                                                                                                              SHA1:BF77A7461DE9D41D12AA88FBA056BA758793D9CE
                                                                                                                                                                                              SHA-256:C257F929CFF0E4380BF08D9F36F310753F7B1CCB5CB2AB811B52760DD8CB9572
                                                                                                                                                                                              SHA-512:2420DFF6EB853F5E1856CDAB99561A896EA0743FCFF3E04B37CB87EDDF063770608A30C6FFB0319E5D353B0132C5F8135B7082488E425666B2C22B753A6A4D73
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:{"net":{"network_qualities":{"CAESABiAgICA+P////8B":"3G"}}}

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Network\90f7791b-e37d-438a-a9f7-4462a5256600.tmp

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):40
                                                                                                                                                                                              Entropy (8bit):4.1275671571169275
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                              MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                              SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                              SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                              SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Network\9b727428-122d-48f9-a128-f3cee8ac1f93.tmp

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2
                                                                                                                                                                                              Entropy (8bit):1.0
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:H:H
                                                                                                                                                                                              MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                              SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                              SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                              SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:[]

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Network\Cookies

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 8, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):20480
                                                                                                                                                                                              Entropy (8bit):0.8881177164182485
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:TLInKbXYFpFNYcoqT1kwE6UwpQ9YHVXxZ6HfB8wzPn9ALeQlDqWe6b:TsKLopF+SawLUO1Xj8BTzP9H1WeO
                                                                                                                                                                                              MD5:B8EDD88563B50EEB13239F40899A2CA4
                                                                                                                                                                                              SHA1:ED4B98FA3AE714A3D71FEC3CDD5C8FB6DAAF25A0
                                                                                                                                                                                              SHA-256:867C2F16C767BC5D58B4C9E90C957B588E371EBCED74BABD4A0D4C321BE0C437
                                                                                                                                                                                              SHA-512:EF8F1B236131A7F8B2BD60B8DFF39DA4EFF93E7C72C19AE1A2576FB040A8298FF23690246E01A62BCB4A32BEF97A422F5E4525B14FA31DF06D24042F237FB5D4
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:SQLite format 3......@ ..........................................................................j...$......g..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Network\Network Persistent State (copy)

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):59
                                                                                                                                                                                              Entropy (8bit):4.619434150836742
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:YLbkVKJq0nMb1KKtiVY:YHkVKJTnMRK3VY
                                                                                                                                                                                              MD5:2800881C775077E1C4B6E06BF4676DE4
                                                                                                                                                                                              SHA1:2873631068C8B3B9495638C865915BE822442C8B
                                                                                                                                                                                              SHA-256:226EEC4486509917AA336AFEBD6FF65777B75B65F1FB06891D2A857A9421A974
                                                                                                                                                                                              SHA-512:E342407AB65CC68F1B3FD706CD0A37680A0864FFD30A6539730180EDE2CDCD732CC97AE0B9EF7DB12DA5C0F83E429DF0840DBF7596ACA859A0301665E517377B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:{"net":{"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Network\Network Persistent State~RF70c514.TMP (copy)

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):59
                                                                                                                                                                                              Entropy (8bit):4.619434150836742
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:YLbkVKJq0nMb1KKtiVY:YHkVKJTnMRK3VY
                                                                                                                                                                                              MD5:2800881C775077E1C4B6E06BF4676DE4
                                                                                                                                                                                              SHA1:2873631068C8B3B9495638C865915BE822442C8B
                                                                                                                                                                                              SHA-256:226EEC4486509917AA336AFEBD6FF65777B75B65F1FB06891D2A857A9421A974
                                                                                                                                                                                              SHA-512:E342407AB65CC68F1B3FD706CD0A37680A0864FFD30A6539730180EDE2CDCD732CC97AE0B9EF7DB12DA5C0F83E429DF0840DBF7596ACA859A0301665E517377B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:{"net":{"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Network\Network Persistent State~RF7177ca.TMP (copy)

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):59
                                                                                                                                                                                              Entropy (8bit):4.619434150836742
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:YLbkVKJq0nMb1KKtiVY:YHkVKJTnMRK3VY
                                                                                                                                                                                              MD5:2800881C775077E1C4B6E06BF4676DE4
                                                                                                                                                                                              SHA1:2873631068C8B3B9495638C865915BE822442C8B
                                                                                                                                                                                              SHA-256:226EEC4486509917AA336AFEBD6FF65777B75B65F1FB06891D2A857A9421A974
                                                                                                                                                                                              SHA-512:E342407AB65CC68F1B3FD706CD0A37680A0864FFD30A6539730180EDE2CDCD732CC97AE0B9EF7DB12DA5C0F83E429DF0840DBF7596ACA859A0301665E517377B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:{"net":{"network_qualities":{"CAESABiAgICA+P////8B":"4G"}}}

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Network\Reporting and NEL

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 5, database pages 9, cookie 0x4, schema 4, UTF-8, version-valid-for 5
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):36864
                                                                                                                                                                                              Entropy (8bit):0.7109336889623686
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:TKIopKWurJNVr1GJmA8pv82pfurJNVrdHXuccaurJN2VrJ1n4n1GmzNGU1cSBQK:eIEumQv8m1ccnvS6v
                                                                                                                                                                                              MD5:486E3DEABB50F9A8AE6C0D0BBC41FABD
                                                                                                                                                                                              SHA1:43E17A98A9E296FE98E99529655E449EFCAFE7A6
                                                                                                                                                                                              SHA-256:480EA6FDB845C35F1A00258708161BA5ACCA240BAD162418E54FCAD8EC02EE00
                                                                                                                                                                                              SHA-512:0507FB85848BF32710BC4DD0DC6EA51D9D2109ADB59B051D0D0EB24DE6FA8FC1BE9130BA7A3B12C5AF8DC368503D5644FDBD08373BE4379646DC4BA2D300C3DC
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:SQLite format 3......@ ..........................................................................j..........g...D.........7............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Network\SCT Auditing Pending Reports (copy)

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2
                                                                                                                                                                                              Entropy (8bit):1.0
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:H:H
                                                                                                                                                                                              MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                              SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                              SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                              SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:[]

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Network\SCT Auditing Pending Reports~RF705e7a.TMP (copy)

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2
                                                                                                                                                                                              Entropy (8bit):1.0
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:H:H
                                                                                                                                                                                              MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                              SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                              SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                              SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:[]

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Network\Sdch Dictionaries (copy)

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):40
                                                                                                                                                                                              Entropy (8bit):4.1275671571169275
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                              MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                              SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                              SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                              SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Network\Trust Tokens

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 9, cookie 0x6, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):36864
                                                                                                                                                                                              Entropy (8bit):0.36515621748816035
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:TLH3lIIAoDJ84l5lDlnDMlRlyKDtM6UwccWfp15fBIe:Tb31DtX5nDOvyKDhU1cSB
                                                                                                                                                                                              MD5:25363ADC3C9D98BAD1A33D0792405CBF
                                                                                                                                                                                              SHA1:D06E343087D86EF1A06F7479D81B26C90A60B5C3
                                                                                                                                                                                              SHA-256:6E019B8B9E389216D5BDF1F2FE63F41EF98E71DA101F2A6BE04F41CC5954532D
                                                                                                                                                                                              SHA-512:CF7EEE35D0E00945AF221BEC531E8BF06C08880DA00BD103FA561BC069D7C6F955CBA3C1C152A4884601E5A670B7487D39B4AE9A4D554ED8C14F129A74E555F7
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:SQLite format 3......@ ..........................................................................j.......X..g...}.....$.X..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Network\b5bde39b-ed49-4d54-997b-d4680e0f9957.tmp

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2
                                                                                                                                                                                              Entropy (8bit):1.0
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:H:H
                                                                                                                                                                                              MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                              SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                              SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                              SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:[]

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Preferences (copy)

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5897
                                                                                                                                                                                              Entropy (8bit):4.821569938504199
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:st/x/ugws13PEb96G8zqd81h6Cb7/x+6Mhmuec+W1eAePGQk+2MR7K:st/l+sd7GkM8vbV+FSWQAZ3+PhK
                                                                                                                                                                                              MD5:BA0C89E6014AFE804353868F06C54FEB
                                                                                                                                                                                              SHA1:581860D113116C64D7B6D8D858580E678EE340A8
                                                                                                                                                                                              SHA-256:853351BE04837BC0A0EEB2EFB71858829DA105151F37AF0890FFD36E3B68B428
                                                                                                                                                                                              SHA-512:613576A88590A94FDB347D68620FA74BC02493882D3343C8EF615D475C2FE95B273BC616F7ED4786AF5789B1DBC8477E8A0F2FAA978835F753F030D524F462E8
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13375026304235437","alternate_error_pages":{"backup":true,"enabled":false},"autocomplete":{"retention_policy_last_version":117},"autofill":{"autostuff_enabled":false,"credit_card_enabled":false,"custom_data_enabled":false,"custom_data_fill_enabled":false,"custom_data_identify_info_from_form_enabled":false,"custom_data_save_enabled":false},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false},"browser_content_container_height":600,"browser_content_container_width":960,"browser_content_container_x":0,"browser_content_container_y":0,"countryid_at_install":17224,"credentials_enable_service":false,"dips_timer_last_update":"13375026304383956","domain_diversity":{"last_reporting_timestamp":"13375026304578449"},"dual_user":{"consumer_mode":{"ie_user":false},"consumer_site_list_with_ie_entries":false,"consumer_sitelist_location":"","consumer_sitelist_version":"","external_consumer_shared_cookie_data":

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Preferences~RF70ab14.TMP (copy)

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5897
                                                                                                                                                                                              Entropy (8bit):4.821569938504199
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:st/x/ugws13PEb96G8zqd81h6Cb7/x+6Mhmuec+W1eAePGQk+2MR7K:st/l+sd7GkM8vbV+FSWQAZ3+PhK
                                                                                                                                                                                              MD5:BA0C89E6014AFE804353868F06C54FEB
                                                                                                                                                                                              SHA1:581860D113116C64D7B6D8D858580E678EE340A8
                                                                                                                                                                                              SHA-256:853351BE04837BC0A0EEB2EFB71858829DA105151F37AF0890FFD36E3B68B428
                                                                                                                                                                                              SHA-512:613576A88590A94FDB347D68620FA74BC02493882D3343C8EF615D475C2FE95B273BC616F7ED4786AF5789B1DBC8477E8A0F2FAA978835F753F030D524F462E8
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13375026304235437","alternate_error_pages":{"backup":true,"enabled":false},"autocomplete":{"retention_policy_last_version":117},"autofill":{"autostuff_enabled":false,"credit_card_enabled":false,"custom_data_enabled":false,"custom_data_fill_enabled":false,"custom_data_identify_info_from_form_enabled":false,"custom_data_save_enabled":false},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false},"browser_content_container_height":600,"browser_content_container_width":960,"browser_content_container_x":0,"browser_content_container_y":0,"countryid_at_install":17224,"credentials_enable_service":false,"dips_timer_last_update":"13375026304383956","domain_diversity":{"last_reporting_timestamp":"13375026304578449"},"dual_user":{"consumer_mode":{"ie_user":false},"consumer_site_list_with_ie_entries":false,"consumer_sitelist_location":"","consumer_sitelist_version":"","external_consumer_shared_cookie_data":

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Preferences~RF70f81a.TMP (copy)

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5897
                                                                                                                                                                                              Entropy (8bit):4.821569938504199
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:st/x/ugws13PEb96G8zqd81h6Cb7/x+6Mhmuec+W1eAePGQk+2MR7K:st/l+sd7GkM8vbV+FSWQAZ3+PhK
                                                                                                                                                                                              MD5:BA0C89E6014AFE804353868F06C54FEB
                                                                                                                                                                                              SHA1:581860D113116C64D7B6D8D858580E678EE340A8
                                                                                                                                                                                              SHA-256:853351BE04837BC0A0EEB2EFB71858829DA105151F37AF0890FFD36E3B68B428
                                                                                                                                                                                              SHA-512:613576A88590A94FDB347D68620FA74BC02493882D3343C8EF615D475C2FE95B273BC616F7ED4786AF5789B1DBC8477E8A0F2FAA978835F753F030D524F462E8
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13375026304235437","alternate_error_pages":{"backup":true,"enabled":false},"autocomplete":{"retention_policy_last_version":117},"autofill":{"autostuff_enabled":false,"credit_card_enabled":false,"custom_data_enabled":false,"custom_data_fill_enabled":false,"custom_data_identify_info_from_form_enabled":false,"custom_data_save_enabled":false},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false},"browser_content_container_height":600,"browser_content_container_width":960,"browser_content_container_x":0,"browser_content_container_y":0,"countryid_at_install":17224,"credentials_enable_service":false,"dips_timer_last_update":"13375026304383956","domain_diversity":{"last_reporting_timestamp":"13375026304578449"},"dual_user":{"consumer_mode":{"ie_user":false},"consumer_site_list_with_ie_entries":false,"consumer_sitelist_location":"","consumer_sitelist_version":"","external_consumer_shared_cookie_data":

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Preferences~RF716d4a.TMP (copy)

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5897
                                                                                                                                                                                              Entropy (8bit):4.821569938504199
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:st/x/ugws13PEb96G8zqd81h6Cb7/x+6Mhmuec+W1eAePGQk+2MR7K:st/l+sd7GkM8vbV+FSWQAZ3+PhK
                                                                                                                                                                                              MD5:BA0C89E6014AFE804353868F06C54FEB
                                                                                                                                                                                              SHA1:581860D113116C64D7B6D8D858580E678EE340A8
                                                                                                                                                                                              SHA-256:853351BE04837BC0A0EEB2EFB71858829DA105151F37AF0890FFD36E3B68B428
                                                                                                                                                                                              SHA-512:613576A88590A94FDB347D68620FA74BC02493882D3343C8EF615D475C2FE95B273BC616F7ED4786AF5789B1DBC8477E8A0F2FAA978835F753F030D524F462E8
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13375026304235437","alternate_error_pages":{"backup":true,"enabled":false},"autocomplete":{"retention_policy_last_version":117},"autofill":{"autostuff_enabled":false,"credit_card_enabled":false,"custom_data_enabled":false,"custom_data_fill_enabled":false,"custom_data_identify_info_from_form_enabled":false,"custom_data_save_enabled":false},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false},"browser_content_container_height":600,"browser_content_container_width":960,"browser_content_container_x":0,"browser_content_container_y":0,"countryid_at_install":17224,"credentials_enable_service":false,"dips_timer_last_update":"13375026304383956","domain_diversity":{"last_reporting_timestamp":"13375026304578449"},"dual_user":{"consumer_mode":{"ie_user":false},"consumer_site_list_with_ie_entries":false,"consumer_sitelist_location":"","consumer_sitelist_version":"","external_consumer_shared_cookie_data":

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\PreferredApps

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):33
                                                                                                                                                                                              Entropy (8bit):4.051821770808046
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:YVXADAEvTLSJ:Y9AcEvHSJ
                                                                                                                                                                                              MD5:2B432FEF211C69C745ACA86DE4F8E4AB
                                                                                                                                                                                              SHA1:4B92DA8D4C0188CF2409500ADCD2200444A82FCC
                                                                                                                                                                                              SHA-256:42B55D126D1E640B1ED7A6BDCB9A46C81DF461FA7E131F4F8C7108C2C61C14DE
                                                                                                                                                                                              SHA-512:948502DE4DC89A7E9D2E1660451FCD0F44FD3816072924A44F145D821D0363233CC92A377DBA3A0A9F849E3C17B1893070025C369C8120083A622D025FE1EACF
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:{"preferred_apps":[],"version":1}

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\README

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):182
                                                                                                                                                                                              Entropy (8bit):4.2629097520179995
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:RGXKRjg0QwVIWRKXECSAV6jDyhjgHGAW+LB2Z4MKLFE1SwhiFAfXQmWyKBPMwRgK:z3frsUpAQQgHGwB26MK8Sw06fXQmWtRT
                                                                                                                                                                                              MD5:643E00B0186AA80523F8A6BED550A925
                                                                                                                                                                                              SHA1:EC4056125D6F1A8890FFE01BFFC973C2F6ABD115
                                                                                                                                                                                              SHA-256:A0C9ABAE18599F0A65FC654AD36251F6330794BEA66B718A09D8B297F3E38E87
                                                                                                                                                                                              SHA-512:D91A934EAF7D9D669B8AD4452234DE6B23D15237CB4D251F2C78C8339CEE7B4F9BA6B8597E35FE8C81B3D6F64AE707C68FF492903C0EDC3E4BAF2C6B747E247D
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:Microsoft Edge settings and storage represent user-selected preferences and information and MUST not be extracted, overwritten or modified except through Microsoft Edge defined APIs.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Secure Preferences (copy)

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):6780
                                                                                                                                                                                              Entropy (8bit):5.580308954712527
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:vwi0Plf/ROoBpkF5d1Hi07VaTEv9V5h5pg5vezodIU86zSpsA5IOrMn3YPo0MG6c:5grXI9l5wSpFIOAn3go0iu8U
                                                                                                                                                                                              MD5:35EB1A5B4248AC1F76940D9FBA607851
                                                                                                                                                                                              SHA1:2B38E2D9F1B2683B34B276DF227D8775648CC681
                                                                                                                                                                                              SHA-256:B11C0B2FBF537DA15F0FF4820A662F0078D3250F9A702A30DD8702BD3131A633
                                                                                                                                                                                              SHA-512:FCA2E41C8E77A5F48F14573510C9A560D1FCF12D4EC0E48CB4C644654B94E6F9CA4F29FC2D1924EB0759DF63D90263E76776D5734BD96B3B2DF4A671B1873583
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:{"extensions":{"settings":{"dgiklkfkllikcanfonkcabmbdfmgleag":{"active_permissions":{"api":[],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13375026304143557","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13375026304143557","location":5,"manifest":{"content_capabilities":{"include_globs":["https://*excel.officeapps.live.com/*","https://*onenote.officeapps.live.com/*","https://*powerpoint.officeapps.live.com/*","https://*word-edit.officeapps.live.com/*","https://*excel.officeapps.live.com.mcas.ms/*","https://*onenote.officeapps.live.com.mcas.ms/*","https://*word-edit.officeapps.live.com.mcas.ms/*","https://*excel.partner.officewebapps.cn/*","https://*onenote.partner.officewebapps.cn/*","https://*powerpoint.partner.officewebapps.cn/*","https://*word-edit.partner.officewebapps.cn/*","https://*excel.gov.online.office365.us/*","

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Service Worker\Database\000001.dbtmp

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16
                                                                                                                                                                                              Entropy (8bit):3.2743974703476995
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                              MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                              SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                              SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                              SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:MANIFEST-000001.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Service Worker\Database\000003.log

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):212
                                                                                                                                                                                              Entropy (8bit):4.8373681070287695
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:chXUQI2xH8BzNme/8HIUK8fCK7NJd5w1M/:cyQI2xcBzNm5oR8fRJjwa
                                                                                                                                                                                              MD5:ED78AE439E51920D4D6377710C523D0E
                                                                                                                                                                                              SHA1:662C2CBB036E9B72C83917FA500C1690866F1A45
                                                                                                                                                                                              SHA-256:64647E950A0AEE44C56AADD315A643ACDB7B0FD80671180BE4BCF9A43FA07E1A
                                                                                                                                                                                              SHA-512:ED99E8C0AC199E6C13A7134B964FD5CEFF9009FAA288398326DA145AA5421C044BA5BAC0E4B05FDE7B22C84EFB0DF9CE8DE244B8ECA15582C76473F480E0306F
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:....I................URES:0...INITDATA_NEXT_RESOURCE_ID.1..INITDATA_DB_VERSION.2..?..................URES:0..PRES:0..u.>................REG:http://tauri.localhost/.0..REGID_TO_ORIGIN:0J4...................PRES:0

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Service Worker\Database\CURRENT (copy)

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16
                                                                                                                                                                                              Entropy (8bit):3.2743974703476995
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                              MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                              SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                              SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                              SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:MANIFEST-000001.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Service Worker\Database\LOG

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):325
                                                                                                                                                                                              Entropy (8bit):5.243887019858108
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:Hu4m3M1N723GKY4Cutm9f/a252KLlVuEtq2PN723GKY4Cutm9f/a2ZIFUv:PusatYom9nxLptvVatYom9nJ2FUv
                                                                                                                                                                                              MD5:9351B79F4275C1CE7A7A08823059DB58
                                                                                                                                                                                              SHA1:7D6C77E4B3855C3E668C8E9C0858D04FB0FCC8C1
                                                                                                                                                                                              SHA-256:18588EFE93A3560F306D88799CC661BAB700537155E27ABC1735BA1D228D567E
                                                                                                                                                                                              SHA-512:1B8CDD18A467B1D49C6218B9AE683E7566FE3868816067224AFE682F85E2F3B11E3B989EDAAD0B050C33B5B630E7343E5B0A912177E0F886565A8F686CE498DA
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:2024/11/02-09:05:08.422 1ac4 Creating DB C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Service Worker\Database since it was missing..2024/11/02-09:05:08.434 1ac4 Reusing MANIFEST C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Service Worker\Database/MANIFEST-000001.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Service Worker\Database\MANIFEST-000001

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:OpenPGP Secret Key
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):41
                                                                                                                                                                                              Entropy (8bit):4.704993772857998
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                              MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                              SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                              SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                              SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Service Worker\ScriptCache\index

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):24
                                                                                                                                                                                              Entropy (8bit):2.1431558784658327
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:m+l:m
                                                                                                                                                                                              MD5:54CB446F628B2EA4A5BCE5769910512E
                                                                                                                                                                                              SHA1:C27CA848427FE87F5CF4D0E0E3CD57151B0D820D
                                                                                                                                                                                              SHA-256:FBCFE23A2ECB82B7100C50811691DDE0A33AA3DA8D176BE9882A9DB485DC0F2D
                                                                                                                                                                                              SHA-512:8F6ED2E91AED9BD415789B1DBE591E7EAB29F3F1B48FDFA5E864D7BF4AE554ACC5D82B4097A770DABC228523253623E4296C5023CF48252E1B94382C43123CB0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:0\r..m..................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Service Worker\ScriptCache\index-dir\temp-index

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):48
                                                                                                                                                                                              Entropy (8bit):2.9138909867280645
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:prp+0EpOmh+n:qpOmh+n
                                                                                                                                                                                              MD5:7304D73EBBCF7A9BE6B88DD9DD2A2B85
                                                                                                                                                                                              SHA1:69CE52E4DB0BFA762A155CF09A04EE756D5983B7
                                                                                                                                                                                              SHA-256:46F2459D4094266699D0AD7C1541ACD630D4777550777DED694D614A73426BA9
                                                                                                                                                                                              SHA-512:22D14E9CFC531B0CB3E1C77B1ED2E1C8FC21593F82602EC9D317E06EACFA764547F2FA6112A08EB7C5D798E2BA4A8DF5767E0E353B302240B4D115BA6C79DC64
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:(...t.Lnoy retne........................5...../.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Service Worker\ScriptCache\index-dir\the-real-index (copy)

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):48
                                                                                                                                                                                              Entropy (8bit):2.9138909867280645
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:prp+0EpOmh+n:qpOmh+n
                                                                                                                                                                                              MD5:7304D73EBBCF7A9BE6B88DD9DD2A2B85
                                                                                                                                                                                              SHA1:69CE52E4DB0BFA762A155CF09A04EE756D5983B7
                                                                                                                                                                                              SHA-256:46F2459D4094266699D0AD7C1541ACD630D4777550777DED694D614A73426BA9
                                                                                                                                                                                              SHA-512:22D14E9CFC531B0CB3E1C77B1ED2E1C8FC21593F82602EC9D317E06EACFA764547F2FA6112A08EB7C5D798E2BA4A8DF5767E0E353B302240B4D115BA6C79DC64
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:(...t.Lnoy retne........................5...../.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Session Storage\000001.dbtmp

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16
                                                                                                                                                                                              Entropy (8bit):3.2743974703476995
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                              MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                              SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                              SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                              SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:MANIFEST-000001.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Session Storage\000003.log

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:modified
                                                                                                                                                                                              Size (bytes):150
                                                                                                                                                                                              Entropy (8bit):5.011095007883987
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:S8ltHlS+QUl1ASEGaQ/dllajEG7pcsjRxTTcH9F3ECKANv:S85acla44RxHcdF37Nv
                                                                                                                                                                                              MD5:BC9CAAAB72A88A641F10854D34DA4A44
                                                                                                                                                                                              SHA1:363522AE1D65AA77DC7B5BA4532B48391B33A9AA
                                                                                                                                                                                              SHA-256:AF3D77C73E14A8CC5E1BAC0E85221A18F7E082DE6B96F1ADA94C46CD62589263
                                                                                                                                                                                              SHA-512:FA8E63FA2F4179D0336D384D0BF7B1572E3ECE0F59150E2E5712C2BB9D3AF8C7720CF9AE57DA8EB2C0A5F823971BB6EA8DEEAE5CFE935D4EA7B623AD3C3C1996
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:*...#................version.1..namespace-..ve................next-map-id.1.Fnamespace-d2dfb9c9_bd8e_4bbf_ba67_89e07be53f9c-http://tauri.localhost/.0

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Session Storage\CURRENT (copy)

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16
                                                                                                                                                                                              Entropy (8bit):3.2743974703476995
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                              MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                              SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                              SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                              SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:MANIFEST-000001.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Session Storage\LOG

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):309
                                                                                                                                                                                              Entropy (8bit):5.272118590204806
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:HuwAl3M1N723GKY4Cutm9WQM72KLlVuwSFWlyq2PN723GKY4Cutm9WQMxIFUv:LusatYom9ILDSEyvVatYom9HFUv
                                                                                                                                                                                              MD5:0EBDBE5ABF65B72C6A028A9A4CD0216B
                                                                                                                                                                                              SHA1:C476615C0B73A2B363E1DE62418154931D1832B9
                                                                                                                                                                                              SHA-256:40C2F4789AAD00413A686AD920730D62CF122C70A207C57408D8A0310A01DAB7
                                                                                                                                                                                              SHA-512:1E1D3E8CC63E3C39EB633E4F928AC54237FB79B300089F1C01BF30A204ADAD350A7315A646B3A2956037CD4B39C33E1C5B59B042A1B0B79F50BC78163029865B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:2024/11/02-09:05:05.803 1734 Creating DB C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Session Storage since it was missing..2024/11/02-09:05:05.830 1734 Reusing MANIFEST C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Session Storage/MANIFEST-000001.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Session Storage\MANIFEST-000001

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:OpenPGP Secret Key
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):41
                                                                                                                                                                                              Entropy (8bit):4.704993772857998
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                              MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                              SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                              SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                              SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Site Characteristics Database\000001.dbtmp

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16
                                                                                                                                                                                              Entropy (8bit):3.2743974703476995
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                              MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                              SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                              SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                              SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:MANIFEST-000001.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Site Characteristics Database\000003.log

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):40
                                                                                                                                                                                              Entropy (8bit):3.473726825238924
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:41tt0diERGn:et084G
                                                                                                                                                                                              MD5:148079685E25097536785F4536AF014B
                                                                                                                                                                                              SHA1:C5FF5B1B69487A9DD4D244D11BBAFA91708C1A41
                                                                                                                                                                                              SHA-256:F096BC366A931FBA656BDCD77B24AF15A5F29FC53281A727C79F82C608ECFAB8
                                                                                                                                                                                              SHA-512:C2556034EA51ABFBC172EB62FF11F5AC45C317F84F39D4B9E3DDBD0190DA6EF7FA03FE63631B97AB806430442974A07F8E81B5F7DC52D9F2FCDC669ADCA8D91F
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.On.!................database_metadata.1

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Site Characteristics Database\CURRENT (copy)

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16
                                                                                                                                                                                              Entropy (8bit):3.2743974703476995
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                              MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                              SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                              SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                              SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:MANIFEST-000001.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Site Characteristics Database\LOG

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):335
                                                                                                                                                                                              Entropy (8bit):5.155064283006541
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:Hu+1N723GKY4Cutm9UUh2gr52KLlVuP+q2PN723GKY4Cutm9UUh2ghZIFUv:ratYom9rhHJL0+vVatYom9rhHh2FUv
                                                                                                                                                                                              MD5:2A96F6D237396D512CDE3C29B2CAAE75
                                                                                                                                                                                              SHA1:F1D89FCC7CA3D5E715AB987881EC040B213D6DBC
                                                                                                                                                                                              SHA-256:5DD3D501BA03D3133E6FA8A070482230D84DE75A8EA324A43F0B1C458ED80898
                                                                                                                                                                                              SHA-512:8333E42AC3A35B1F74BBF4C26510A9FC1247C13690FD0BC42970914512548E79B9B3CFEA7A389D7290FB042559A5BA97E26915C2700ADA426F7D88962CEA346C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:2024/11/02-09:05:04.206 bbc Creating DB C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Site Characteristics Database since it was missing..2024/11/02-09:05:04.243 bbc Reusing MANIFEST C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Site Characteristics Database/MANIFEST-000001.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Site Characteristics Database\MANIFEST-000001

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:OpenPGP Secret Key
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):41
                                                                                                                                                                                              Entropy (8bit):4.704993772857998
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                              MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                              SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                              SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                              SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Sync Data\LevelDB\000001.dbtmp

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16
                                                                                                                                                                                              Entropy (8bit):3.2743974703476995
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                              MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                              SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                              SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                              SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:MANIFEST-000001.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Sync Data\LevelDB\000003.log

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):46
                                                                                                                                                                                              Entropy (8bit):4.019797536844534
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:sLollttz6sjlGXU2tkn:qolXtWswXU2tkn
                                                                                                                                                                                              MD5:90881C9C26F29FCA29815A08BA858544
                                                                                                                                                                                              SHA1:06FEE974987B91D82C2839A4BB12991FA99E1BDD
                                                                                                                                                                                              SHA-256:A2CA52E34B6138624AC2DD20349CDE28482143B837DB40A7F0FBDA023077C26A
                                                                                                                                                                                              SHA-512:15F7F8197B4FC46C4C5C2570FB1F6DD73CB125F9EE53DFA67F5A0D944543C5347BDAB5CCE95E91DD6C948C9023E23C7F9D76CFF990E623178C92F8D49150A625
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:...n'................_mts_schema_descriptor...

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Sync Data\LevelDB\CURRENT (copy)

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16
                                                                                                                                                                                              Entropy (8bit):3.2743974703476995
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                              MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                              SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                              SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                              SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:MANIFEST-000001.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Sync Data\LevelDB\LOG

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):313
                                                                                                                                                                                              Entropy (8bit):5.263905157969981
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:Hut81N723GKY4Cutm9gx2KLlVuqQ+q2PN723GKY4Cutm9WIFUv:1atYom9gVLa+vVatYom9PFUv
                                                                                                                                                                                              MD5:0E6A5DA4B7E74FB5CEE6E545BE674872
                                                                                                                                                                                              SHA1:FEF8D974915C4D49056E5AC5B0170F066A2BE82D
                                                                                                                                                                                              SHA-256:EC759B9AA1015160823DF54142BF6D0E32D274E4498813F50A29B55E3A984FAD
                                                                                                                                                                                              SHA-512:FB20907C71F4AC1438DEC85A1DAEC32995CF1E2F8BC0CED18F17AE4FBF8C0666E175D289916110579D8650F6637D300297EB784E2DE4529232675FDE1DBC71F7
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:2024/11/02-09:05:04.410 179c Creating DB C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Sync Data\LevelDB since it was missing..2024/11/02-09:05:04.422 179c Reusing MANIFEST C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Sync Data\LevelDB/MANIFEST-000001.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Sync Data\LevelDB\MANIFEST-000001

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:OpenPGP Secret Key
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):41
                                                                                                                                                                                              Entropy (8bit):4.704993772857998
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                              MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                              SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                              SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                              SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Top Sites

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):20480
                                                                                                                                                                                              Entropy (8bit):0.3528485475628876
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12:TLiN6CZhDu6MvDOF5yEHFxOUwa5qguYZ75fOSiPe2d:TLiwCZwE8I6Uwcco5fBtC
                                                                                                                                                                                              MD5:F2B4FB2D384AA4E4D6F4AEB0BBA217DC
                                                                                                                                                                                              SHA1:2CD70CFB3CE72D9B079170C360C1F563B6BF150E
                                                                                                                                                                                              SHA-256:1ECC07CD1D383472DAD33D2A5766625009EA5EACBAEDE2417ADA1842654CBBC8
                                                                                                                                                                                              SHA-512:48D03991660FA1598B3E002F5BC5F0F05E9696BCB2289240FA8CCBB2C030CDD23245D4ECC0C64DA1E7C54B092C3E60AE0427358F63087018BF0E6CEDC471DD34
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:SQLite format 3......@ ..........................................................................j..........g.....4....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Visited Links

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):131072
                                                                                                                                                                                              Entropy (8bit):0.0033769341339387224
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:ImtVuegleUio+n:IiVuegledVn
                                                                                                                                                                                              MD5:25BE405E67D5B9715E926721A1959E49
                                                                                                                                                                                              SHA1:CFF86F0D9D64BD923D2601EA7C0AD07E6949F631
                                                                                                                                                                                              SHA-256:3D8C0639C481E4B16017ED355CE18CC70460C79FECBB94F9E8C4FC4B27A0A82B
                                                                                                                                                                                              SHA-512:110E257A6ABD05609288D2ADB67BEA8D12AC6AD708D36ABFF8029F3B62A969564D063E35FCDF299BE228C0494DD1EE4A205C2279DA15FAC15B3F001EC56CBF36
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:VLnk.....?......a...<Eq.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\Web Data

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 3, database pages 87, cookie 0x36, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):178176
                                                                                                                                                                                              Entropy (8bit):0.9328712687751187
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:192:R2qAdB9TbTbuDDsnxCkvSAE+WslKOMq+c:R2qOB1nxCkvSAELyKOMq+c
                                                                                                                                                                                              MD5:6B2D5ED0A90C99FD05D58FE8E924C886
                                                                                                                                                                                              SHA1:34E1103E18E57E9D1769C89DFB2DAD84BFDD54B5
                                                                                                                                                                                              SHA-256:2873E973AB5B91CD07405FD5D35E2A843A408AD53696372BEC794F4582368E49
                                                                                                                                                                                              SHA-512:08373748A19C0381866090CB60929A4642BB624AF777240CB63B918180CEEE0C80DFAD852830FC6821AD6266DF1A865940A90D2089621F612617C5E92A4B29B2
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:SQLite format 3......@ .......W...........6......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\WebStorage\QuotaManager

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 10, cookie 0x7, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):40960
                                                                                                                                                                                              Entropy (8bit):0.4692999216835888
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:Tnj7dojKsKmjKZKAsjZNOjAhts3N8g1j3UcBdk:v7doKsKuKZKlZNmu46yjx2
                                                                                                                                                                                              MD5:8D2AB81987764527DC2F22A4E2BF0CF9
                                                                                                                                                                                              SHA1:F0F879E08C7495F22E6AEEBE1D7D9B3DC3BD1318
                                                                                                                                                                                              SHA-256:E0C7AE8B701E20FBDE2429B121EF337E7B581062B4F4634F212D8C9BB6C36D91
                                                                                                                                                                                              SHA-512:1DE8C4246FBAA4D59182C469AC2525063588365712EAA6D10B92B85DA59347F82A2B2C7BBEB657293E1D0A3F601B39818A25BC96FA0C689600A0A94B56847B46
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:SQLite format 3......@ ..........................................................................j.......w..g...........M...w..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\bb565866-51eb-48d1-b67a-8badf909b887.tmp

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):6780
                                                                                                                                                                                              Entropy (8bit):5.580308954712527
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:vwi0Plf/ROoBpkF5d1Hi07VaTEv9V5h5pg5vezodIU86zSpsA5IOrMn3YPo0MG6c:5grXI9l5wSpFIOAn3go0iu8U
                                                                                                                                                                                              MD5:35EB1A5B4248AC1F76940D9FBA607851
                                                                                                                                                                                              SHA1:2B38E2D9F1B2683B34B276DF227D8775648CC681
                                                                                                                                                                                              SHA-256:B11C0B2FBF537DA15F0FF4820A662F0078D3250F9A702A30DD8702BD3131A633
                                                                                                                                                                                              SHA-512:FCA2E41C8E77A5F48F14573510C9A560D1FCF12D4EC0E48CB4C644654B94E6F9CA4F29FC2D1924EB0759DF63D90263E76776D5734BD96B3B2DF4A671B1873583
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:{"extensions":{"settings":{"dgiklkfkllikcanfonkcabmbdfmgleag":{"active_permissions":{"api":[],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13375026304143557","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13375026304143557","location":5,"manifest":{"content_capabilities":{"include_globs":["https://*excel.officeapps.live.com/*","https://*onenote.officeapps.live.com/*","https://*powerpoint.officeapps.live.com/*","https://*word-edit.officeapps.live.com/*","https://*excel.officeapps.live.com.mcas.ms/*","https://*onenote.officeapps.live.com.mcas.ms/*","https://*word-edit.officeapps.live.com.mcas.ms/*","https://*excel.partner.officewebapps.cn/*","https://*onenote.partner.officewebapps.cn/*","https://*powerpoint.partner.officewebapps.cn/*","https://*word-edit.partner.officewebapps.cn/*","https://*excel.gov.online.office365.us/*","

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\databases\Databases.db

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x4, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):28672
                                                                                                                                                                                              Entropy (8bit):0.3410017321959524
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12:TLiqi/nGb0EiDFIlTSFbyrKZb9YwFOqAyl+FxOUwa5qgufTJpbZ75fOSG:TLiMNiD+lZk/Fj+6UwccNp15fBG
                                                                                                                                                                                              MD5:98643AF1CA5C0FE03CE8C687189CE56B
                                                                                                                                                                                              SHA1:ECADBA79A364D72354C658FD6EA3D5CF938F686B
                                                                                                                                                                                              SHA-256:4DC3BF7A36AB5DA80C0995FAF61ED0F96C4DE572F2D6FF9F120F9BC44B69E444
                                                                                                                                                                                              SHA-512:68B69FCE8EF5AB1DDA2994BA4DB111136BD441BC3EFC0251F57DC20A3095B8420669E646E2347EAB7BAF30CACA4BCF74BD88E049378D8DE57DE72E4B8A5FF74B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:SQLite format 3......@ ..........................................................................j..........g.....P....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\df3ae445-3faf-4820-8eb2-b1a1819cee7b.tmp

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):5897
                                                                                                                                                                                              Entropy (8bit):4.821569938504199
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:st/x/ugws13PEb96G8zqd81h6Cb7/x+6Mhmuec+W1eAePGQk+2MR7K:st/l+sd7GkM8vbV+FSWQAZ3+PhK
                                                                                                                                                                                              MD5:BA0C89E6014AFE804353868F06C54FEB
                                                                                                                                                                                              SHA1:581860D113116C64D7B6D8D858580E678EE340A8
                                                                                                                                                                                              SHA-256:853351BE04837BC0A0EEB2EFB71858829DA105151F37AF0890FFD36E3B68B428
                                                                                                                                                                                              SHA-512:613576A88590A94FDB347D68620FA74BC02493882D3343C8EF615D475C2FE95B273BC616F7ED4786AF5789B1DBC8477E8A0F2FAA978835F753F030D524F462E8
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13375026304235437","alternate_error_pages":{"backup":true,"enabled":false},"autocomplete":{"retention_policy_last_version":117},"autofill":{"autostuff_enabled":false,"credit_card_enabled":false,"custom_data_enabled":false,"custom_data_fill_enabled":false,"custom_data_identify_info_from_form_enabled":false,"custom_data_save_enabled":false},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false},"browser_content_container_height":600,"browser_content_container_width":960,"browser_content_container_x":0,"browser_content_container_y":0,"countryid_at_install":17224,"credentials_enable_service":false,"dips_timer_last_update":"13375026304383956","domain_diversity":{"last_reporting_timestamp":"13375026304578449"},"dual_user":{"consumer_mode":{"ie_user":false},"consumer_site_list_with_ie_entries":false,"consumer_sitelist_location":"","consumer_sitelist_version":"","external_consumer_shared_cookie_data":

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\heavy_ad_intervention_opt_out.db

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 4, cookie 0x2, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16384
                                                                                                                                                                                              Entropy (8bit):0.35226517389931394
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:12:TLC+waBg9LBgVDBgQjiZBgKuFtuQkMbmgcVAzO5kMCgGUg5OR:TLPdBgtBgJBgQjiZS53uQFE27MCgGZsR
                                                                                                                                                                                              MD5:D2CCDC36225684AAE8FA563AFEDB14E7
                                                                                                                                                                                              SHA1:3759649035F23004A4C30A14C5F0B54191BEBF80
                                                                                                                                                                                              SHA-256:080AEE864047C67CB1586A5BA5EDA007AFD18ECC2B702638287E386F159D7AEE
                                                                                                                                                                                              SHA-512:1A915AF643D688CA68AEDC1FF26C407D960D18DFDE838B417C437D7ADAC7B91C906E782DCC414784E64287915BD1DE5BB6A282E59AA9FEB8C384B4D4BC5F70EC
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:SQLite format 3......@ ..........................................................................j.......Q......Q......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\shared_proto_db\000001.dbtmp

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16
                                                                                                                                                                                              Entropy (8bit):3.2743974703476995
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                              MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                              SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                              SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                              SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:MANIFEST-000001.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\shared_proto_db\000003.log

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:modified
                                                                                                                                                                                              Size (bytes):195
                                                                                                                                                                                              Entropy (8bit):2.7998631831187235
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:VVXntjQPEnjQvxljljljljljljl:/XntM+4ljljljljljljl
                                                                                                                                                                                              MD5:00C0DEFAC69CFE6E18C6FD4D684D6625
                                                                                                                                                                                              SHA1:F80E1AB029E1116EE2FE85B2ECBF0959CCE884A7
                                                                                                                                                                                              SHA-256:1FCAFCF037F8CE32A6EB94539F4A7D67FC51FE2BD8EDBD95C1D0322841EEC8A2
                                                                                                                                                                                              SHA-512:C9411AEDDD3937D778BFE37FD489409E49304EBF3D3E7D686BDE4EE9C71E23A57224B622902948AD4BB422FFF3FB9386D02F956807FFF0185E9EF99FA2E157CF
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:A..r.................20_1_1...1.,U.................20_1_1...1..&f.................&f.................&f.................&f.................&f.................&f.................&f...............

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\shared_proto_db\CURRENT (copy)

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16
                                                                                                                                                                                              Entropy (8bit):3.2743974703476995
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                              MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                              SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                              SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                              SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:MANIFEST-000001.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\shared_proto_db\LOG

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):309
                                                                                                                                                                                              Entropy (8bit):5.301857563120087
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:Hu+1N723GKY4Cutm94rl2KLlVuPL+q2PN723GKY4Cutm94rK+IFUv:ZatYom9qLCL+vVatYom953FUv
                                                                                                                                                                                              MD5:A674B562C6EE89181F0CEFC6EF9DD82E
                                                                                                                                                                                              SHA1:41A58D522A5EDA48FCC4DD4B7D216613FB95D227
                                                                                                                                                                                              SHA-256:FA438F5557ED17446B7DA57224717A96DC0FCF1A0F580031F4C55308E53CFF2F
                                                                                                                                                                                              SHA-512:8FCED0766E55E94AF3C43422693BEDFD2581855BB77859735B61CB8EDC71A8ABDB3B9FF25B5F3F9100E52CC74361DB2628F7789B3565DDFD30A8199AF10882A7
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:2024/11/02-09:05:04.572 105c Creating DB C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\shared_proto_db since it was missing..2024/11/02-09:05:04.597 105c Reusing MANIFEST C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\shared_proto_db/MANIFEST-000001.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\shared_proto_db\MANIFEST-000001

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:OpenPGP Secret Key
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):41
                                                                                                                                                                                              Entropy (8bit):4.704993772857998
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                              MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                              SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                              SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                              SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\shared_proto_db\metadata\000001.dbtmp

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16
                                                                                                                                                                                              Entropy (8bit):3.2743974703476995
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                              MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                              SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                              SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                              SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:MANIFEST-000001.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\shared_proto_db\metadata\000003.log

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):443
                                                                                                                                                                                              Entropy (8bit):3.867798942449343
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:G0Xtqcsqc9Ct3mxKm9l1mdkZt3mDtmF2lHDNm8L/3mtyWmF2lpgll1mF2lA3m88p:G0nYUtegetU3p/F+iPAHlT0
                                                                                                                                                                                              MD5:349A0C9A1709350BC28752242D084173
                                                                                                                                                                                              SHA1:57F50120B8168517FA2975E1EE488C069C738DBE
                                                                                                                                                                                              SHA-256:9F22DD903E8833CC7CA0A0C6779F3F1F3D2627CAE6AEBE6756D33D351E68A9A9
                                                                                                                                                                                              SHA-512:690578A2BD6502C4CCBA00765AC207219F860516CB424DA4DE407879D1B0CA71C9D7C14A02DADF9519EC98D40D2092D1B0FAC9C0BCBE0DFFFBA6C1EA4A53B7CB
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.h.6.................__global... .t...................__global... .9..b.................33_..........................21_......-.t.................21_......'..................33_.....<...................20_.....,.1..................19_.....QL.s.................18_......Q...................20_.......w<.................20_.......ln.................19_......Y...................18_.....%.{..................9_.....f..U.................9_.....

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\shared_proto_db\metadata\CURRENT (copy)

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):16
                                                                                                                                                                                              Entropy (8bit):3.2743974703476995
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                              MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                              SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                              SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                              SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:MANIFEST-000001.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\shared_proto_db\metadata\LOG

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:ASCII text
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):327
                                                                                                                                                                                              Entropy (8bit):5.263306598861407
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:6:HuDD1N723GKY4Cutm94rzs52KLlVu8+L+q2PN723GKY4Cutm94rzAdIFUv:satYom959Lf+L+vVatYom9uFUv
                                                                                                                                                                                              MD5:4DF36DB6992528E552B0B46BBACDE4EC
                                                                                                                                                                                              SHA1:EB2B059C2614E128B4183C670E6571F86DCF7770
                                                                                                                                                                                              SHA-256:17CE20086DAA2F461286E23E4F4E0FFDD167E64AD94A3F8955E0E2A74C74BCF7
                                                                                                                                                                                              SHA-512:293AF8A5DC80C87F1B856A49933318AD5873447F2E693D0B6EA53B8F402FE9D72D893FE926FBD06EB8ECD9307604EB91D995F1607350A3058B94A0B947ACAAB0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:2024/11/02-09:05:04.249 105c Creating DB C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\shared_proto_db\metadata since it was missing..2024/11/02-09:05:04.287 105c Reusing MANIFEST C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\shared_proto_db\metadata/MANIFEST-000001.

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Default\shared_proto_db\metadata\MANIFEST-000001

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:OpenPGP Secret Key
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):41
                                                                                                                                                                                              Entropy (8bit):4.704993772857998
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                              MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                              SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                              SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                              SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\GrShaderCache\data_0

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):8192
                                                                                                                                                                                              Entropy (8bit):0.01057775872642915
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:MsFl:/F
                                                                                                                                                                                              MD5:CF89D16BB9107C631DAABF0C0EE58EFB
                                                                                                                                                                                              SHA1:3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B
                                                                                                                                                                                              SHA-256:D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E
                                                                                                                                                                                              SHA-512:8CB5B059C8105EB91E74A7D5952437AAA1ADA89763C5843E7B0F1B93D9EBE15ED40F287C652229291FAC02D712CF7FF5ECECEF276BA0D7DDC35558A3EC3F77B0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:............$...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\GrShaderCache\data_1

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):270336
                                                                                                                                                                                              Entropy (8bit):8.280239615765425E-4
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:MsEllllkEthXllkl2:/M/xT02
                                                                                                                                                                                              MD5:D0D388F3865D0523E451D6BA0BE34CC4
                                                                                                                                                                                              SHA1:8571C6A52AACC2747C048E3419E5657B74612995
                                                                                                                                                                                              SHA-256:902F30C1FB0597D0734BC34B979EC5D131F8F39A4B71B338083821216EC8D61B
                                                                                                                                                                                              SHA-512:376011D00DE659EB6082A74E862CFAC97A9BB508E0B740761505142E2D24EC1C30AA61EFBC1C0DD08FF0F34734444DE7F77DD90A6CA42B48A4C7FAD5F0BDDD17
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\GrShaderCache\data_2

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):8192
                                                                                                                                                                                              Entropy (8bit):0.011852361981932763
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:MsHlDll:/H
                                                                                                                                                                                              MD5:0962291D6D367570BEE5454721C17E11
                                                                                                                                                                                              SHA1:59D10A893EF321A706A9255176761366115BEDCB
                                                                                                                                                                                              SHA-256:EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7
                                                                                                                                                                                              SHA-512:F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\GrShaderCache\data_3

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):8192
                                                                                                                                                                                              Entropy (8bit):0.012340643231932763
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:MsGl3ll:/y
                                                                                                                                                                                              MD5:41876349CB12D6DB992F1309F22DF3F0
                                                                                                                                                                                              SHA1:5CF26B3420FC0302CD0A71E8D029739B8765BE27
                                                                                                                                                                                              SHA-256:E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C
                                                                                                                                                                                              SHA-512:E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\GrShaderCache\index

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):262512
                                                                                                                                                                                              Entropy (8bit):9.553120663130604E-4
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:LsNli5hK/:Ls3i5hK/
                                                                                                                                                                                              MD5:73339C3121AEF5803A092D9C7ECBAE1E
                                                                                                                                                                                              SHA1:9A96591ADC3D791B338CD9443D066838AE8A30AD
                                                                                                                                                                                              SHA-256:E14C04F9B3DBAF935E6A3EF3FB383635BE14386E421D56C70FFDC5C8FC135AC6
                                                                                                                                                                                              SHA-512:70BB16F183E3B849151D0E61BE3FED4A3FA1BF1B8EAE8AB758678AAAA963CD01C31176B3A37DA4B92175C6F8B6F995BB385DC046EADB4F59C3721BCEB6335F6D
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:............................................../.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\GraphiteDawnCache\data_0

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):8192
                                                                                                                                                                                              Entropy (8bit):0.01057775872642915
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:MsFl:/F
                                                                                                                                                                                              MD5:CF89D16BB9107C631DAABF0C0EE58EFB
                                                                                                                                                                                              SHA1:3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B
                                                                                                                                                                                              SHA-256:D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E
                                                                                                                                                                                              SHA-512:8CB5B059C8105EB91E74A7D5952437AAA1ADA89763C5843E7B0F1B93D9EBE15ED40F287C652229291FAC02D712CF7FF5ECECEF276BA0D7DDC35558A3EC3F77B0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:............$...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\GraphiteDawnCache\data_1

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):270336
                                                                                                                                                                                              Entropy (8bit):8.280239615765425E-4
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:MsEllllkEthXllkl2:/M/xT02
                                                                                                                                                                                              MD5:D0D388F3865D0523E451D6BA0BE34CC4
                                                                                                                                                                                              SHA1:8571C6A52AACC2747C048E3419E5657B74612995
                                                                                                                                                                                              SHA-256:902F30C1FB0597D0734BC34B979EC5D131F8F39A4B71B338083821216EC8D61B
                                                                                                                                                                                              SHA-512:376011D00DE659EB6082A74E862CFAC97A9BB508E0B740761505142E2D24EC1C30AA61EFBC1C0DD08FF0F34734444DE7F77DD90A6CA42B48A4C7FAD5F0BDDD17
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\GraphiteDawnCache\data_2

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):8192
                                                                                                                                                                                              Entropy (8bit):0.011852361981932763
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:MsHlDll:/H
                                                                                                                                                                                              MD5:0962291D6D367570BEE5454721C17E11
                                                                                                                                                                                              SHA1:59D10A893EF321A706A9255176761366115BEDCB
                                                                                                                                                                                              SHA-256:EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7
                                                                                                                                                                                              SHA-512:F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\GraphiteDawnCache\data_3

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):8192
                                                                                                                                                                                              Entropy (8bit):0.012340643231932763
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:MsGl3ll:/y
                                                                                                                                                                                              MD5:41876349CB12D6DB992F1309F22DF3F0
                                                                                                                                                                                              SHA1:5CF26B3420FC0302CD0A71E8D029739B8765BE27
                                                                                                                                                                                              SHA-256:E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C
                                                                                                                                                                                              SHA-512:E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\GraphiteDawnCache\index

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):262512
                                                                                                                                                                                              Entropy (8bit):9.553120663130604E-4
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:LsNl5Imc/:Ls3WV
                                                                                                                                                                                              MD5:B027C93BA6B29EEFDCDDA0691796153D
                                                                                                                                                                                              SHA1:A2CA1AD16F8DCAE9FF9D3AD4341E43CCBDD3B96C
                                                                                                                                                                                              SHA-256:F061660D1E6EDCD2CF5E843296349C2838C749EBEBF8E6C9D1B1BB3A8B35D62A
                                                                                                                                                                                              SHA-512:5B2DDD7F3AEEF23E8C112C5F8C52FF0C8A6145428D8CB476F9D236ADD2660DEF31043910996A539EEA736A0806F335CC794EEBDCF365D6DA681A92BC1589A982
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:............................................./.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Last Version

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:ASCII text, with no line terminators
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):13
                                                                                                                                                                                              Entropy (8bit):2.7192945256669794
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:NYLFRQI:ap2I
                                                                                                                                                                                              MD5:BF16C04B916ACE92DB941EBB1AF3CB18
                                                                                                                                                                                              SHA1:FA8DAEAE881F91F61EE0EE21BE5156255429AA8A
                                                                                                                                                                                              SHA-256:7FC23C9028A316EC0AC25B09B5B0D61A1D21E58DFCF84C2A5F5B529129729098
                                                                                                                                                                                              SHA-512:F0B7DF5517596B38D57C57B5777E008D6229AB5B1841BBE74602C77EEA2252BF644B8650C7642BD466213F62E15CC7AB5A95B28E26D3907260ED1B96A74B65FB
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:117.0.2045.47

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Local State (copy)

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):953
                                                                                                                                                                                              Entropy (8bit):5.723580365691726
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:YKWJu5rrtsk4gDoQXR1qqtBRaeCiWO2vbvXHLQQRCYfYg:Yqfx4g3FBRZ32Dv3kB0
                                                                                                                                                                                              MD5:845216B3483F0B36FAA6AEDAD4516142
                                                                                                                                                                                              SHA1:07CE303AFF85307A27955587D90CDA6780BD2CE0
                                                                                                                                                                                              SHA-256:8F3B47E87DC14A102403F7E7D236CD4898DFFECEFA8ADC70626F030DEEBAA975
                                                                                                                                                                                              SHA-512:770139BB40928EC4FB9EEF19C38BA1F577EABE85ABD2E11D82114754CDF0E75C082F4DDCD9B80BAB398EED5FDE18509AB5ED5D27D0F06939394A383ED9C55B32
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:{"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAACde9GjpdpiRpaMIGnk6V2uEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAADcOGPJJDW7Ws9BEI0LmxwFCS5m0G91BJ4rgZ9ElbLo8QAAAAAOgAAAAAIAACAAAAC4wiTMrUy3pjnHP1vsbrg/NVxDC4wzpHWt1sNG/hfHyjAAAAAwMmfoE9mhK6+B2PhkFNv4NfC04a72VD6zpYZ8DyqnwF4xEYRUcSoujaBAszSXwApAAAAALM2xOqE+GYirPt3Ba4tCOmhMLA3aoQ12rGMqdIV+iDsS31Hpvm93b64CE+/CfXOYYoqOg3fDb/uxmq50cf4MzQ=="},"uninstall_metrics":{"installation_date2":"1730552703"},"user_experience_metrics":{"client_id2":"{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}C:\\Users\\user0s:92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A","diagnostics":{"last_data_collection_level_on_launch":1},"low_entropy_source3":4083,"pseudo_low_entropy_source":1211,"reset_client_id_deterministic":true,"stability":{"browser_last_live_timestamp":"13375026303310552","stats_buildtime":"1695934310","stats_version":"117.0.2045.47-64","system_crash_count":0}}}

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Local State~RF705b5d.TMP (copy)

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):953
                                                                                                                                                                                              Entropy (8bit):5.723580365691726
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:YKWJu5rrtsk4gDoQXR1qqtBRaeCiWO2vbvXHLQQRCYfYg:Yqfx4g3FBRZ32Dv3kB0
                                                                                                                                                                                              MD5:845216B3483F0B36FAA6AEDAD4516142
                                                                                                                                                                                              SHA1:07CE303AFF85307A27955587D90CDA6780BD2CE0
                                                                                                                                                                                              SHA-256:8F3B47E87DC14A102403F7E7D236CD4898DFFECEFA8ADC70626F030DEEBAA975
                                                                                                                                                                                              SHA-512:770139BB40928EC4FB9EEF19C38BA1F577EABE85ABD2E11D82114754CDF0E75C082F4DDCD9B80BAB398EED5FDE18509AB5ED5D27D0F06939394A383ED9C55B32
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:{"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAACde9GjpdpiRpaMIGnk6V2uEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAADcOGPJJDW7Ws9BEI0LmxwFCS5m0G91BJ4rgZ9ElbLo8QAAAAAOgAAAAAIAACAAAAC4wiTMrUy3pjnHP1vsbrg/NVxDC4wzpHWt1sNG/hfHyjAAAAAwMmfoE9mhK6+B2PhkFNv4NfC04a72VD6zpYZ8DyqnwF4xEYRUcSoujaBAszSXwApAAAAALM2xOqE+GYirPt3Ba4tCOmhMLA3aoQ12rGMqdIV+iDsS31Hpvm93b64CE+/CfXOYYoqOg3fDb/uxmq50cf4MzQ=="},"uninstall_metrics":{"installation_date2":"1730552703"},"user_experience_metrics":{"client_id2":"{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}C:\\Users\\user0s:92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A","diagnostics":{"last_data_collection_level_on_launch":1},"low_entropy_source3":4083,"pseudo_low_entropy_source":1211,"reset_client_id_deterministic":true,"stability":{"browser_last_live_timestamp":"13375026303310552","stats_buildtime":"1695934310","stats_version":"117.0.2045.47-64","system_crash_count":0}}}

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Local State~RF705bda.TMP (copy)

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):953
                                                                                                                                                                                              Entropy (8bit):5.723580365691726
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:YKWJu5rrtsk4gDoQXR1qqtBRaeCiWO2vbvXHLQQRCYfYg:Yqfx4g3FBRZ32Dv3kB0
                                                                                                                                                                                              MD5:845216B3483F0B36FAA6AEDAD4516142
                                                                                                                                                                                              SHA1:07CE303AFF85307A27955587D90CDA6780BD2CE0
                                                                                                                                                                                              SHA-256:8F3B47E87DC14A102403F7E7D236CD4898DFFECEFA8ADC70626F030DEEBAA975
                                                                                                                                                                                              SHA-512:770139BB40928EC4FB9EEF19C38BA1F577EABE85ABD2E11D82114754CDF0E75C082F4DDCD9B80BAB398EED5FDE18509AB5ED5D27D0F06939394A383ED9C55B32
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:{"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAACde9GjpdpiRpaMIGnk6V2uEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAADcOGPJJDW7Ws9BEI0LmxwFCS5m0G91BJ4rgZ9ElbLo8QAAAAAOgAAAAAIAACAAAAC4wiTMrUy3pjnHP1vsbrg/NVxDC4wzpHWt1sNG/hfHyjAAAAAwMmfoE9mhK6+B2PhkFNv4NfC04a72VD6zpYZ8DyqnwF4xEYRUcSoujaBAszSXwApAAAAALM2xOqE+GYirPt3Ba4tCOmhMLA3aoQ12rGMqdIV+iDsS31Hpvm93b64CE+/CfXOYYoqOg3fDb/uxmq50cf4MzQ=="},"uninstall_metrics":{"installation_date2":"1730552703"},"user_experience_metrics":{"client_id2":"{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}C:\\Users\\user0s:92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A","diagnostics":{"last_data_collection_level_on_launch":1},"low_entropy_source3":4083,"pseudo_low_entropy_source":1211,"reset_client_id_deterministic":true,"stability":{"browser_last_live_timestamp":"13375026303310552","stats_buildtime":"1695934310","stats_version":"117.0.2045.47-64","system_crash_count":0}}}

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Local State~RF7082db.TMP (copy)

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):953
                                                                                                                                                                                              Entropy (8bit):5.723580365691726
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:YKWJu5rrtsk4gDoQXR1qqtBRaeCiWO2vbvXHLQQRCYfYg:Yqfx4g3FBRZ32Dv3kB0
                                                                                                                                                                                              MD5:845216B3483F0B36FAA6AEDAD4516142
                                                                                                                                                                                              SHA1:07CE303AFF85307A27955587D90CDA6780BD2CE0
                                                                                                                                                                                              SHA-256:8F3B47E87DC14A102403F7E7D236CD4898DFFECEFA8ADC70626F030DEEBAA975
                                                                                                                                                                                              SHA-512:770139BB40928EC4FB9EEF19C38BA1F577EABE85ABD2E11D82114754CDF0E75C082F4DDCD9B80BAB398EED5FDE18509AB5ED5D27D0F06939394A383ED9C55B32
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:{"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAACde9GjpdpiRpaMIGnk6V2uEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAADcOGPJJDW7Ws9BEI0LmxwFCS5m0G91BJ4rgZ9ElbLo8QAAAAAOgAAAAAIAACAAAAC4wiTMrUy3pjnHP1vsbrg/NVxDC4wzpHWt1sNG/hfHyjAAAAAwMmfoE9mhK6+B2PhkFNv4NfC04a72VD6zpYZ8DyqnwF4xEYRUcSoujaBAszSXwApAAAAALM2xOqE+GYirPt3Ba4tCOmhMLA3aoQ12rGMqdIV+iDsS31Hpvm93b64CE+/CfXOYYoqOg3fDb/uxmq50cf4MzQ=="},"uninstall_metrics":{"installation_date2":"1730552703"},"user_experience_metrics":{"client_id2":"{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}C:\\Users\\user0s:92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A","diagnostics":{"last_data_collection_level_on_launch":1},"low_entropy_source3":4083,"pseudo_low_entropy_source":1211,"reset_client_id_deterministic":true,"stability":{"browser_last_live_timestamp":"13375026303310552","stats_buildtime":"1695934310","stats_version":"117.0.2045.47-64","system_crash_count":0}}}

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Local State~RF70b564.TMP (copy)

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):953
                                                                                                                                                                                              Entropy (8bit):5.723580365691726
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:YKWJu5rrtsk4gDoQXR1qqtBRaeCiWO2vbvXHLQQRCYfYg:Yqfx4g3FBRZ32Dv3kB0
                                                                                                                                                                                              MD5:845216B3483F0B36FAA6AEDAD4516142
                                                                                                                                                                                              SHA1:07CE303AFF85307A27955587D90CDA6780BD2CE0
                                                                                                                                                                                              SHA-256:8F3B47E87DC14A102403F7E7D236CD4898DFFECEFA8ADC70626F030DEEBAA975
                                                                                                                                                                                              SHA-512:770139BB40928EC4FB9EEF19C38BA1F577EABE85ABD2E11D82114754CDF0E75C082F4DDCD9B80BAB398EED5FDE18509AB5ED5D27D0F06939394A383ED9C55B32
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:{"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAACde9GjpdpiRpaMIGnk6V2uEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAADcOGPJJDW7Ws9BEI0LmxwFCS5m0G91BJ4rgZ9ElbLo8QAAAAAOgAAAAAIAACAAAAC4wiTMrUy3pjnHP1vsbrg/NVxDC4wzpHWt1sNG/hfHyjAAAAAwMmfoE9mhK6+B2PhkFNv4NfC04a72VD6zpYZ8DyqnwF4xEYRUcSoujaBAszSXwApAAAAALM2xOqE+GYirPt3Ba4tCOmhMLA3aoQ12rGMqdIV+iDsS31Hpvm93b64CE+/CfXOYYoqOg3fDb/uxmq50cf4MzQ=="},"uninstall_metrics":{"installation_date2":"1730552703"},"user_experience_metrics":{"client_id2":"{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}C:\\Users\\user0s:92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A","diagnostics":{"last_data_collection_level_on_launch":1},"low_entropy_source3":4083,"pseudo_low_entropy_source":1211,"reset_client_id_deterministic":true,"stability":{"browser_last_live_timestamp":"13375026303310552","stats_buildtime":"1695934310","stats_version":"117.0.2045.47-64","system_crash_count":0}}}

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Local State~RF716c12.TMP (copy)

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):953
                                                                                                                                                                                              Entropy (8bit):5.723580365691726
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:YKWJu5rrtsk4gDoQXR1qqtBRaeCiWO2vbvXHLQQRCYfYg:Yqfx4g3FBRZ32Dv3kB0
                                                                                                                                                                                              MD5:845216B3483F0B36FAA6AEDAD4516142
                                                                                                                                                                                              SHA1:07CE303AFF85307A27955587D90CDA6780BD2CE0
                                                                                                                                                                                              SHA-256:8F3B47E87DC14A102403F7E7D236CD4898DFFECEFA8ADC70626F030DEEBAA975
                                                                                                                                                                                              SHA-512:770139BB40928EC4FB9EEF19C38BA1F577EABE85ABD2E11D82114754CDF0E75C082F4DDCD9B80BAB398EED5FDE18509AB5ED5D27D0F06939394A383ED9C55B32
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:{"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAACde9GjpdpiRpaMIGnk6V2uEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAADcOGPJJDW7Ws9BEI0LmxwFCS5m0G91BJ4rgZ9ElbLo8QAAAAAOgAAAAAIAACAAAAC4wiTMrUy3pjnHP1vsbrg/NVxDC4wzpHWt1sNG/hfHyjAAAAAwMmfoE9mhK6+B2PhkFNv4NfC04a72VD6zpYZ8DyqnwF4xEYRUcSoujaBAszSXwApAAAAALM2xOqE+GYirPt3Ba4tCOmhMLA3aoQ12rGMqdIV+iDsS31Hpvm93b64CE+/CfXOYYoqOg3fDb/uxmq50cf4MzQ=="},"uninstall_metrics":{"installation_date2":"1730552703"},"user_experience_metrics":{"client_id2":"{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}C:\\Users\\user0s:92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A","diagnostics":{"last_data_collection_level_on_launch":1},"low_entropy_source3":4083,"pseudo_low_entropy_source":1211,"reset_client_id_deterministic":true,"stability":{"browser_last_live_timestamp":"13375026303310552","stats_buildtime":"1695934310","stats_version":"117.0.2045.47-64","system_crash_count":0}}}

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Local State~RF71edb5.TMP (copy)

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):953
                                                                                                                                                                                              Entropy (8bit):5.723580365691726
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:24:YKWJu5rrtsk4gDoQXR1qqtBRaeCiWO2vbvXHLQQRCYfYg:Yqfx4g3FBRZ32Dv3kB0
                                                                                                                                                                                              MD5:845216B3483F0B36FAA6AEDAD4516142
                                                                                                                                                                                              SHA1:07CE303AFF85307A27955587D90CDA6780BD2CE0
                                                                                                                                                                                              SHA-256:8F3B47E87DC14A102403F7E7D236CD4898DFFECEFA8ADC70626F030DEEBAA975
                                                                                                                                                                                              SHA-512:770139BB40928EC4FB9EEF19C38BA1F577EABE85ABD2E11D82114754CDF0E75C082F4DDCD9B80BAB398EED5FDE18509AB5ED5D27D0F06939394A383ED9C55B32
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:{"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAACde9GjpdpiRpaMIGnk6V2uEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAADcOGPJJDW7Ws9BEI0LmxwFCS5m0G91BJ4rgZ9ElbLo8QAAAAAOgAAAAAIAACAAAAC4wiTMrUy3pjnHP1vsbrg/NVxDC4wzpHWt1sNG/hfHyjAAAAAwMmfoE9mhK6+B2PhkFNv4NfC04a72VD6zpYZ8DyqnwF4xEYRUcSoujaBAszSXwApAAAAALM2xOqE+GYirPt3Ba4tCOmhMLA3aoQ12rGMqdIV+iDsS31Hpvm93b64CE+/CfXOYYoqOg3fDb/uxmq50cf4MzQ=="},"uninstall_metrics":{"installation_date2":"1730552703"},"user_experience_metrics":{"client_id2":"{F3017226-FE2A-4295-8BDF-00C3A9A7E4C5}C:\\Users\\user0s:92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A","diagnostics":{"last_data_collection_level_on_launch":1},"low_entropy_source3":4083,"pseudo_low_entropy_source":1211,"reset_client_id_deterministic":true,"stability":{"browser_last_live_timestamp":"13375026303310552","stats_buildtime":"1695934310","stats_version":"117.0.2045.47-64","system_crash_count":0}}}

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\ShaderCache\data_0

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:FoxPro FPT, blocks size 512, next free block index 3284796609, field type 0
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):8192
                                                                                                                                                                                              Entropy (8bit):0.01057775872642915
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:MsFl:/F
                                                                                                                                                                                              MD5:CF89D16BB9107C631DAABF0C0EE58EFB
                                                                                                                                                                                              SHA1:3AE5D3A7CF1F94A56E42F9A58D90A0B9616AE74B
                                                                                                                                                                                              SHA-256:D6A5FE39CD672781B256E0E3102F7022635F1D4BB7CFCC90A80FFFE4D0F3877E
                                                                                                                                                                                              SHA-512:8CB5B059C8105EB91E74A7D5952437AAA1ADA89763C5843E7B0F1B93D9EBE15ED40F287C652229291FAC02D712CF7FF5ECECEF276BA0D7DDC35558A3EC3F77B0
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:............$...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\ShaderCache\data_1

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):270336
                                                                                                                                                                                              Entropy (8bit):8.280239615765425E-4
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:MsEllllkEthXllkl2:/M/xT02
                                                                                                                                                                                              MD5:D0D388F3865D0523E451D6BA0BE34CC4
                                                                                                                                                                                              SHA1:8571C6A52AACC2747C048E3419E5657B74612995
                                                                                                                                                                                              SHA-256:902F30C1FB0597D0734BC34B979EC5D131F8F39A4B71B338083821216EC8D61B
                                                                                                                                                                                              SHA-512:376011D00DE659EB6082A74E862CFAC97A9BB508E0B740761505142E2D24EC1C30AA61EFBC1C0DD08FF0F34734444DE7F77DD90A6CA42B48A4C7FAD5F0BDDD17
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\ShaderCache\data_2

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):8192
                                                                                                                                                                                              Entropy (8bit):0.011852361981932763
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:MsHlDll:/H
                                                                                                                                                                                              MD5:0962291D6D367570BEE5454721C17E11
                                                                                                                                                                                              SHA1:59D10A893EF321A706A9255176761366115BEDCB
                                                                                                                                                                                              SHA-256:EC1702806F4CC7C42A82FC2B38E89835FDE7C64BB32060E0823C9077CA92EFB7
                                                                                                                                                                                              SHA-512:F555E961B69E09628EAF9C61F465871E6984CD4D31014F954BB747351DAD9CEA6D17C1DB4BCA2C1EB7F187CB5F3C0518748C339C8B43BBD1DBD94AEAA16F58ED
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\ShaderCache\data_3

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):8192
                                                                                                                                                                                              Entropy (8bit):0.012340643231932763
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:MsGl3ll:/y
                                                                                                                                                                                              MD5:41876349CB12D6DB992F1309F22DF3F0
                                                                                                                                                                                              SHA1:5CF26B3420FC0302CD0A71E8D029739B8765BE27
                                                                                                                                                                                              SHA-256:E09F42C398D688DCE168570291F1F92D079987DEDA3099A34ADB9E8C0522B30C
                                                                                                                                                                                              SHA-512:E9A4FC1F7CB6AE2901F8E02354A92C4AAA7A53C640DCF692DB42A27A5ACC2A3BFB25A0DE0EB08AB53983132016E7D43132EA4292E439BB636AAFD53FB6EF907E
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\ShaderCache\index

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:FoxPro FPT, blocks size 768, next free block index 3284796353, field type 0
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):262512
                                                                                                                                                                                              Entropy (8bit):9.47693366977411E-4
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:LsNlk8:Ls3k8
                                                                                                                                                                                              MD5:FFD7D4B776B87EEC592AF0483427FD31
                                                                                                                                                                                              SHA1:A5E2A57FC65B479AF375FA35D9728465058479F1
                                                                                                                                                                                              SHA-256:DE43B2C3A3706CE4D04FDA24A2FD3AF882C90FB3C1A430827D071A3B69FCB779
                                                                                                                                                                                              SHA-512:5704CDC8BD477E8790DB000617F246EA837B699965752070B8D8D8873D30228EA87AEF1B2224354C72EA12FC78B6C40DD0E5194A052F1CEF43BD02D19049AD4B
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:........................................P..../.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Variations

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):86
                                                                                                                                                                                              Entropy (8bit):4.3751917412896075
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:3:YQ3JYq9xSs0dMEJAELJ2rjozQan:YQ3Kq9X0dMgAEwjM
                                                                                                                                                                                              MD5:961E3604F228B0D10541EBF921500C86
                                                                                                                                                                                              SHA1:6E00570D9F78D9CFEBE67D4DA5EFE546543949A7
                                                                                                                                                                                              SHA-256:F7B24F2EB3D5EB0550527490395D2F61C3D2FE74BB9CB345197DAD81B58B5FED
                                                                                                                                                                                              SHA-512:535F930AFD2EF50282715C7E48859CC2D7B354FF4E6C156B94D5A2815F589B33189FFEDFCAF4456525283E993087F9F560D84CFCF497D189AB8101510A09C472
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:{"user_experience_metrics.stability.exited_cleanly":false,"variations_crash_streak":0}

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\a6b655e0-afd0-498d-ae45-98007491df47.tmp

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):2903
                                                                                                                                                                                              Entropy (8bit):5.298012546425553
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:48:YDEFMsFiHGS0afx4g3he3p8QSh/cIgwLURMYXylVotoWX5K1DphHB+CdrxjBRZ3I:PNkGS1fx4gM58rh/cI9URoDotoeWRB3A
                                                                                                                                                                                              MD5:0CEA2B2BAE4C8B846DB2F4A6F60090FB
                                                                                                                                                                                              SHA1:7A097349E0319320694A458E24F5DF18B330D826
                                                                                                                                                                                              SHA-256:34FA01694DF48EBC6EBF6F4A221E8265D9F3F0688294EDFDD11AB38C72703D0C
                                                                                                                                                                                              SHA-512:00F0DB76FEE15D90255884523D41A2EFEC740D9C241A3DC34B629FBA3B094B5F1A4A3396194EB48F1AAE4A4404B4425A91C6B25B114CBD69BF2978AA085B3B23
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:{"dual_user":{"ie_to_edge":{"redirection_mode":0}},"edge":{"tab_stabs":{"closed_without_unfreeze_never_unfrozen":0,"closed_without_unfreeze_previously_unfrozen":0,"discard_without_unfreeze_never_unfrozen":0,"discard_without_unfreeze_previously_unfrozen":0},"tab_stats":{"frozen_daily":0,"unfrozen_daily":0}},"fre":{"oem_bookmarks_set":true},"hardware_acceleration_mode_previous":true,"legacy":{"profile":{"name":{"migrated":true}}},"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAACde9GjpdpiRpaMIGnk6V2uEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAADcOGPJJDW7Ws9BEI0LmxwFCS5m0G91BJ4rgZ9ElbLo8QAAAAAOgAAAAAIAACAAAAC4wiTMrUy3pjnHP1vsbrg/NVxDC4wzpHWt1sNG/hfHyjAAAAAwMmfoE9mhK6+B2PhkFNv4NfC04a72VD6zpYZ8DyqnwF4xEYRUcSoujaBAszSXwApAAAAALM2xOqE+GYirPt3Ba4tCOmhMLA3aoQ12rGMqdIV+iDsS31Hpvm93b64CE+/CfXOYYoqOg3fDb/uxmq50cf4MzQ=="},"policy":{"last_statistics_update":"13375026304061848"},"profile":{"info_cache":{"Default":{"avatar_icon":"chrome://t

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\c991e164-9272-4afb-82cf-6ca66dbe4d98.tmp

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):3596
                                                                                                                                                                                              Entropy (8bit):5.268117076027816
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:96:TNkGSCjfx4gMzE8rh/cIyURoDoto+gWEBSnrZADT3kX4u:TNBS2bepVoDUDoSW/32
                                                                                                                                                                                              MD5:770A871E5F4425ACE78630B032BC72CB
                                                                                                                                                                                              SHA1:95BDAA075E7416ED4664516A4571CE5399493701
                                                                                                                                                                                              SHA-256:901A4F42FDE60CC350C4DC3FC26C7E03D591A1A80B8A4C962F590EAF508F1A69
                                                                                                                                                                                              SHA-512:2669F236E290CAAC8888996B0307B6C926C0081CB08AC334FB9EEB74B512C7EEF390DA462D77621F5225B329F86332E9EDED2404DF033DC078FF764ECA63F315
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:{"desktop_session_duration_tracker":{"last_session_end_timestamp":"1730552712"},"dual_user":{"ie_to_edge":{"redirection_mode":0}},"edge":{"tab_stabs":{"closed_without_unfreeze_never_unfrozen":0,"closed_without_unfreeze_previously_unfrozen":0,"discard_without_unfreeze_never_unfrozen":0,"discard_without_unfreeze_previously_unfrozen":0},"tab_stats":{"frozen_daily":0,"unfrozen_daily":0}},"fre":{"oem_bookmarks_set":true},"hardware_acceleration_mode_previous":true,"is_dsp_recommended":true,"legacy":{"profile":{"name":{"migrated":true}}},"network_time":{"network_time_mapping":{"local":1.730552706069112e+12,"network":1.730552707e+12,"ticks":7365369623.0,"uncertainty":3313878.0}},"os_crypt":{"audit_enabled":true,"encrypted_key":"RFBBUEkBAAAA0Iyd3wEV0RGMegDAT8KX6wEAAACde9GjpdpiRpaMIGnk6V2uEAAAAB4AAABNAGkAYwByAG8AcwBvAGYAdAAgAEUAZABnAGUAAAAQZgAAAAEAACAAAADcOGPJJDW7Ws9BEI0LmxwFCS5m0G91BJ4rgZ9ElbLo8QAAAAAOgAAAAAIAACAAAAC4wiTMrUy3pjnHP1vsbrg/NVxDC4wzpHWt1sNG/hfHyjAAAAAwMmfoE9mhK6+B2PhkFNv4NfC04a72

                                                                                                                                                                                              C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\d2c9abda-ba5e-44ad-b989-69bd023e0201.tmp

                                                                                                                                                                                              Download File
                                                                                                                                                                                              Process:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              File Type:JSON data
                                                                                                                                                                                              Category:dropped
                                                                                                                                                                                              Size (bytes):17644
                                                                                                                                                                                              Entropy (8bit):6.06120249256252
                                                                                                                                                                                              Encrypted:false
                                                                                                                                                                                              SSDEEP:384:RtMkaMJH2m8qVT8IeQ0I5t0b9lQg0gNBSnAx0D3ay8j3F:LMkbJrT8IeQcrQgNsKy21
                                                                                                                                                                                              MD5:9B6EF08A6F1B58BB869401826784AEC0
                                                                                                                                                                                              SHA1:40912B3CCEA425B9CDEB9D40FEDE10064CA025B1
                                                                                                                                                                                              SHA-256:8F64B8367D2782ECE6C2434070D2862C421615545FA64D99D33BA0DE2BC1DA97
                                                                                                                                                                                              SHA-512:22496EB603C543FCB28F70BF5340A77B75C2E7DB167E9122FC495AF76CD176FD369509E5625CE3A0D7851FA604E568DAF5D79A0E43D994AD000A1F13FFB43C0C
                                                                                                                                                                                              Malicious:false
                                                                                                                                                                                              Preview:{"desktop_session_duration_tracker":{"last_session_end_timestamp":"1730552712"},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG6qXtmMBDiyS59PvY7eCklyb4QcfFi7tpdwu3VBt1XNorvM4+RiU6+CjD0kb+pHz7rRm3rXSyzABnWdKBG+Ijlx7hEE4QTzo+AB6fnDLLJBpo7PKv8Ob367/KjUg8mcY6CmCjTJCmtsWFOcUf5vj04cw0e1yZe2WAl8svFn5IC43jfc+dLnGrEyDwAicHCxNdhlrVa5LEtTgt5u2lAK02pd198r5dr5VYgHj55vViEOsF96z3F4ONrN2yeYHGQlo5wvtB8h5moYSz3q4XkgOLF68CtN9bg4RrXXMpaCsrtm158Ii7QF+b2Xe4pcP9WmmQQPfW3MPK3vutAkF92eZ7P7Xw59TAM/Xo+dJlBvYcfjI+KQYiMwDeq8wvchf+8fPfPPLcZ/KFm8bG4FljbVPigsVWQEqHL2vBay66hdg1F7Kydil8K9Pwl4L

                                                                                                                                                                                              Static File Info

                                                                                                                                                                                              General

                                                                                                                                                                                              File type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                              Entropy (8bit):6.8863070836948665
                                                                                                                                                                                              TrID:
                                                                                                                                                                                              • Win64 Executable GUI (202006/5) 92.65%
                                                                                                                                                                                              • Win64 Executable (generic) (12005/4) 5.51%
                                                                                                                                                                                              • Generic Win/DOS Executable (2004/3) 0.92%
                                                                                                                                                                                              • DOS Executable Generic (2002/1) 0.92%
                                                                                                                                                                                              • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                                                                                              File name:SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe
                                                                                                                                                                                              File size:12'247'040 bytes
                                                                                                                                                                                              MD5:68388f9b51b413fa68207229be176b28
                                                                                                                                                                                              SHA1:43464a5febf2db792bba3b845254242ee4cb61a2
                                                                                                                                                                                              SHA256:ad0d298646b9d19946c094895bd3eb502dc455010f412d1b7391420949cec145
                                                                                                                                                                                              SHA512:dd8a19ca3dcf41ca1d9484a0ea3b53abafa71349b60944f3209db8744d95938df3e6244b53d5204fabf57c29271e1738b7b65a4524f0a175c190481a71049de5
                                                                                                                                                                                              SSDEEP:98304:wGvQEYGjrDReAP1npwaMAYFqtZK1j08Cv7Sh7ra6An4UtT1g9jYHxVWRC2y7jkOu:wNGXDRpzfK1jrCzaiR1mGWRCHML
                                                                                                                                                                                              TLSH:14C65B217B9A9AADC15AC07482464B725A3170CB0F35BAFF459486783FB9AF41F3C358
                                                                                                                                                                                              File Content Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......9"g.}C..}C..}C..t;..sC..m...tC..m...pC..m...RC...6.._C..6;..~C..}C...B..}C...A..6...|C..6...|C..Rich}C..................PE..d..

                                                                                                                                                                                              File Icon

                                                                                                                                                                                              Icon Hash:1749c9e8646c1917

                                                                                                                                                                                              Static PE Info

                                                                                                                                                                                              General

                                                                                                                                                                                              Entrypoint:0x14058ba78
                                                                                                                                                                                              Entrypoint Section:.text
                                                                                                                                                                                              Digitally signed:false
                                                                                                                                                                                              Imagebase:0x140000000
                                                                                                                                                                                              Subsystem:windows gui
                                                                                                                                                                                              Image File Characteristics:EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE
                                                                                                                                                                                              DLL Characteristics:HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE
                                                                                                                                                                                              Time Stamp:0x6719FC66 [Thu Oct 24 07:51:02 2024 UTC]
                                                                                                                                                                                              TLS Callbacks:0x40572a40, 0x1
                                                                                                                                                                                              CLR (.Net) Version:
                                                                                                                                                                                              OS Version Major:6
                                                                                                                                                                                              OS Version Minor:0
                                                                                                                                                                                              File Version Major:6
                                                                                                                                                                                              File Version Minor:0
                                                                                                                                                                                              Subsystem Version Major:6
                                                                                                                                                                                              Subsystem Version Minor:0
                                                                                                                                                                                              Import Hash:87df3e310b2bfd4ff06aae8ced0c7110

                                                                                                                                                                                              Entrypoint Preview

                                                                                                                                                                                              Instruction
                                                                                                                                                                                              dec eax
                                                                                                                                                                                              sub esp, 28h
                                                                                                                                                                                              call 00007F3B985156A8h
                                                                                                                                                                                              dec eax
                                                                                                                                                                                              add esp, 28h
                                                                                                                                                                                              jmp 00007F3B985150F7h
                                                                                                                                                                                              int3
                                                                                                                                                                                              int3
                                                                                                                                                                                              int3
                                                                                                                                                                                              int3
                                                                                                                                                                                              int3
                                                                                                                                                                                              int3
                                                                                                                                                                                              int3
                                                                                                                                                                                              int3
                                                                                                                                                                                              int3
                                                                                                                                                                                              int3
                                                                                                                                                                                              int3
                                                                                                                                                                                              int3
                                                                                                                                                                                              nop word ptr [eax+eax+00000000h]
                                                                                                                                                                                              dec eax
                                                                                                                                                                                              sub esp, 10h
                                                                                                                                                                                              dec esp
                                                                                                                                                                                              mov dword ptr [esp], edx
                                                                                                                                                                                              dec esp
                                                                                                                                                                                              mov dword ptr [esp+08h], ebx
                                                                                                                                                                                              dec ebp
                                                                                                                                                                                              xor ebx, ebx
                                                                                                                                                                                              dec esp
                                                                                                                                                                                              lea edx, dword ptr [esp+18h]
                                                                                                                                                                                              dec esp
                                                                                                                                                                                              sub edx, eax
                                                                                                                                                                                              dec ebp
                                                                                                                                                                                              cmovb edx, ebx
                                                                                                                                                                                              dec esp
                                                                                                                                                                                              mov ebx, dword ptr [00000010h]
                                                                                                                                                                                              dec ebp
                                                                                                                                                                                              cmp edx, ebx
                                                                                                                                                                                              jnc 00007F3B98515298h
                                                                                                                                                                                              inc cx
                                                                                                                                                                                              and edx, 8D4DF000h
                                                                                                                                                                                              wait
                                                                                                                                                                                              add al, dh

                                                                                                                                                                                              Rich Headers

                                                                                                                                                                                              Programming Language:
                                                                                                                                                                                              • [IMP] VS2008 SP1 build 30729

                                                                                                                                                                                              Data Directories

                                                                                                                                                                                              NameVirtual AddressVirtual Size Is in Section
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_EXPORT0x00x0
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_IMPORT0xb409ec0x1f4.rdata
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_RESOURCE0xb980000xdc50.rsrc
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_EXCEPTION0xb490000x4ea50.pdata
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_SECURITY0x00x0
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_BASERELOC0xba60000xc638.reloc
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_DEBUG0xa239500x54.rdata
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_COPYRIGHT0x00x0
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_GLOBALPTR0x00x0
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_TLS0xa23b800x28.rdata
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG0xa238100x140.rdata
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT0x00x0
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_IAT0x5b30000xbb0.rdata
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT0x00x0
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR0x00x0
                                                                                                                                                                                              IMAGE_DIRECTORY_ENTRY_RESERVED0x00x0

                                                                                                                                                                                              Sections

                                                                                                                                                                                              NameVirtual AddressVirtual SizeRaw SizeMD5Xored PEZLIB ComplexityFile TypeEntropyCharacteristics
                                                                                                                                                                                              .text0x10000x5b11300x5b1200bf653deb9dbd1bd130298a3db7d834ccunknownunknownunknownunknownIMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
                                                                                                                                                                                              .rdata0x5b30000x5903820x590400a22ce54847303c2ded5a1f8dd237d8f4unknownunknownunknownunknownIMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                              .data0xb440000x43b00x3400637d5d260be1275264795641361bab55False0.16856971153846154data2.4896595894667044IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
                                                                                                                                                                                              .pdata0xb490000x4ea500x4ec0064f62f78cc647bcd8ba57d26f778ee84False0.49593874007936506data6.515218311693708IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                              .rsrc0xb980000xdc500xde007ed781c89b2a4665c2bd7759a2b44336False0.9625387105855856data7.909897474883344IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
                                                                                                                                                                                              .reloc0xba60000xc6380xc800dc019c519950defc5934845947c90445False0.27861328125data5.462095730901925IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ

                                                                                                                                                                                              Resources

                                                                                                                                                                                              NameRVASizeTypeLanguageCountryZLIB Complexity
                                                                                                                                                                                              RT_ICON0xb984500x9d1PNG image data, 32 x 32, 8-bit/color RGBA, non-interlacedEnglishUnited States0.9812972542777557
                                                                                                                                                                                              RT_ICON0xb98e280x3efPNG image data, 16 x 16, 8-bit/color RGBA, non-interlacedEnglishUnited States0.9632571996027806
                                                                                                                                                                                              RT_ICON0xb992180x6bfPNG image data, 24 x 24, 8-bit/color RGBA, non-interlacedEnglishUnited States0.9779965257672264
                                                                                                                                                                                              RT_ICON0xb998d80x10b1PNG image data, 48 x 48, 8-bit/color RGBA, non-interlacedEnglishUnited States0.9810437631640534
                                                                                                                                                                                              RT_ICON0xb9a9900x18dePNG image data, 64 x 64, 8-bit/color RGBA, non-interlacedEnglishUnited States0.9706251963556394
                                                                                                                                                                                              RT_ICON0xb9c2700x982fPNG image data, 256 x 256, 8-bit/color RGBA, non-interlacedEnglishUnited States1.0005390282091429
                                                                                                                                                                                              RT_GROUP_ICON0xba5aa00x5adataEnglishUnited States0.7777777777777778
                                                                                                                                                                                              RT_VERSION0xb982200x22cdataEnglishUnited States0.5179856115107914
                                                                                                                                                                                              RT_MANIFEST0xba5b000x14eASCII text, with very long lines (334), with no line terminatorsEnglishUnited States0.6586826347305389

                                                                                                                                                                                              Imports

                                                                                                                                                                                              DLLImport
                                                                                                                                                                                              bcryptprimitives.dllProcessPrng
                                                                                                                                                                                              api-ms-win-core-synch-l1-2-0.dllWakeByAddressAll, WaitOnAddress, WakeByAddressSingle
                                                                                                                                                                                              ntdll.dllNtWriteFile, NtCancelIoFileEx, RtlGetNtVersionNumbers, NtReadFile, RtlUnwindEx, RtlNtStatusToDosError, RtlVirtualUnwind, RtlPcToFileHeader, NtDeviceIoControlFile, NtCreateFile, RtlLookupFunctionEntry, RtlCaptureContext
                                                                                                                                                                                              kernel32.dllRaiseException, IsProcessorFeaturePresent, SetUnhandledExceptionFilter, UnhandledExceptionFilter, IsDebuggerPresent, InitializeSListHead, GetSystemTimeAsFileTime, SleepConditionVariableSRW, AcquireSRWLockExclusive, ReleaseSRWLockExclusive, CloseHandle, GetCurrentThreadId, GetModuleHandleW, EncodePointer, LCIDToLocaleName, GetUserDefaultUILanguage, DeleteCriticalSection, WakeAllConditionVariable, InitializeCriticalSectionAndSpinCount, LoadLibraryW, CreateMutexA, WaitForSingleObjectEx, GetTempPathW, CreateThread, WriteConsoleW, UpdateProcThreadAttribute, TlsAlloc, InitializeProcThreadAttributeList, TlsGetValue, GetWindowsDirectoryW, GetSystemDirectoryW, GetFullPathNameW, WaitForMultipleObjects, ReadFileEx, CreateNamedPipeW, ExitProcess, SetEnvironmentVariableW, CancelIo, CreateEventW, CopyFileExW, GetFinalPathNameByHandleW, CreateHardLinkW, CreateSymbolicLinkW, RemoveDirectoryW, DeleteFileW, FindFirstFileW, GetFileAttributesW, GetModuleFileNameW, OutputDebugStringA, OutputDebugStringW, CreateDirectoryW, GetFileInformationByHandleEx, TlsSetValue, CreateFileW, LoadLibraryExW, MultiByteToWideChar, WideCharToMultiByte, GlobalFree, FindClose, GetEnvironmentVariableW, GlobalAlloc, FindNextFileW, GetModuleHandleA, GetFileInformationByHandle, GetConsoleMode, SetFileAttributesW, MoveFileExW, ReleaseMutex, HeapReAlloc, CreateProcessW, QueryPerformanceFrequency, TerminateProcess, GetExitCodeProcess, SleepEx, GlobalUnlock, GlobalSize, GlobalLock, WriteFileEx, GetStdHandle, Sleep, SetFilePointerEx, WaitForSingleObject, FormatMessageW, DuplicateHandle, HeapAlloc, GetCurrentProcess, SetFileInformationByHandle, GetCommandLineW, GetEnvironmentStringsW, FreeLibrary, GetProcAddress, LoadLibraryA, GetLastError, HeapFree, GetProcessHeap, GetCurrentDirectoryW, SetLastError, QueryPerformanceCounter, SetWaitableTimer, CreateWaitableTimerExW, SwitchToThread, GetCurrentThread, SetFileTime, SetThreadStackGuarantee, AddVectoredExceptionHandler, CompareStringOrdinal, lstrlenW, DeleteProcThreadAttributeList, FreeEnvironmentStringsW, SetFileCompletionNotificationModes, GetSystemInfo, GetOverlappedResult, ReadFile, TlsFree, PostQueuedCompletionStatus, GetQueuedCompletionStatusEx, CreateIoCompletionPort, GetCurrentProcessId, SetHandleInformation
                                                                                                                                                                                              user32.dllGetDC, GetClipboardData, IsClipboardFormatAvailable, OpenClipboard, GetForegroundWindow, MonitorFromPoint, EmptyClipboard, SetClipboardData, EnumDisplayMonitors, DispatchMessageA, GetMessageA, SendMessageW, PostQuitMessage, AppendMenuW, CreateMenu, SetMenuItemInfoW, CreateIcon, DestroyIcon, CheckMenuItem, EnableMenuItem, GetSystemMenu, ShowWindow, SetWindowLongW, VkKeyScanW, GetAsyncKeyState, GetKeyboardState, DestroyAcceleratorTable, CreateAcceleratorTableW, IsProcessDPIAware, ToUnicodeEx, SystemParametersInfoA, IsWindowVisible, ClipCursor, GetClipCursor, ShowCursor, AdjustWindowRectEx, GetKeyState, MapVirtualKeyExW, GetKeyboardLayout, SetCapture, GetMenu, GetWindowRect, SetWindowLongPtrW, SendInput, MsgWaitForMultipleObjectsEx, RegisterRawInputDevices, SetForegroundWindow, RegisterClassExW, RegisterWindowMessageA, GetWindowLongPtrW, EnumChildWindows, CloseClipboard, SetWindowDisplayAffinity, GetWindowTextW, RegisterTouchWindow, GetSystemMetrics, IsWindow, CreateWindowExW, GetWindowTextLengthW, SetCursorPos, ReleaseCapture, IsIconic, GetActiveWindow, SetMenu, InvalidateRgn, GetWindowPlacement, SetWindowPlacement, ChangeDisplaySettingsExW, MapVirtualKeyW, GetUpdateRect, ValidateRect, SetCursor, LoadCursorW, SetWindowPos, GetMonitorInfoW, MonitorFromWindow, GetCursorPos, CloseTouchInputHandle, GetTouchInputInfo, TrackMouseEvent, RegisterClipboardFormatW, MonitorFromRect, ClientToScreen, GetClientRect, GetWindowLongW, ScreenToClient, FlashWindowEx, DefWindowProcW, RedrawWindow, PostThreadMessageW, PostMessageW, PeekMessageW, DispatchMessageW, TranslateMessage, TranslateAcceleratorW, GetAncestor, GetMessageW, SetWindowTextW, DestroyWindow, GetRawInputData
                                                                                                                                                                                              comctl32.dllRemoveWindowSubclass, SetWindowSubclass, TaskDialogIndirect, DefSubclassProc
                                                                                                                                                                                              ole32.dllCoInitializeEx, RegisterDragDrop, CoTaskMemAlloc, CoUninitialize, RevokeDragDrop, CoCreateInstance, OleInitialize, CreateStreamOnHGlobal, CoTaskMemFree
                                                                                                                                                                                              shell32.dllDragFinish, SHGetKnownFolderPath, ShellExecuteW, SHCreateItemFromParsingName, DragQueryFileW, SHAppBarMessage
                                                                                                                                                                                              gdi32.dllGetDeviceCaps, DeleteObject, CreateRectRgn
                                                                                                                                                                                              dwmapi.dllDwmEnableBlurBehindWindow
                                                                                                                                                                                              oleaut32.dllSysStringLen, SysFreeString, GetErrorInfo, SetErrorInfo
                                                                                                                                                                                              uxtheme.dllSetWindowTheme
                                                                                                                                                                                              advapi32.dllEventRegister, EventSetInformation, EventWriteTransfer, EventUnregister, RegOpenKeyExW, RegQueryValueExW, RegCloseKey, RegGetValueW, SystemFunction036
                                                                                                                                                                                              bcrypt.dllBCryptGenRandom
                                                                                                                                                                                              secur32.dllFreeCredentialsHandle, AcceptSecurityContext, EncryptMessage, InitializeSecurityContextW, DecryptMessage, QueryContextAttributesW, ApplyControlToken, FreeContextBuffer, AcquireCredentialsHandleA, DeleteSecurityContext
                                                                                                                                                                                              ws2_32.dllclosesocket, getaddrinfo, freeaddrinfo, shutdown, WSACleanup, WSAStartup, getsockname, getpeername, WSASocketW, bind, WSAGetLastError, connect, ioctlsocket, WSAIoctl, setsockopt, WSASend, send, recv, getsockopt
                                                                                                                                                                                              crypt32.dllCertCloseStore, CertDuplicateStore, CertOpenStore, CertDuplicateCertificateContext, CertFreeCertificateContext, CertDuplicateCertificateChain, CertVerifyCertificateChainPolicy, CertGetCertificateChain, CertFreeCertificateChain, CertAddCertificateContextToStore, CertEnumCertificatesInStore
                                                                                                                                                                                              api-ms-win-crt-math-l1-1-0.dllfloor, round, __setusermatherr, trunc
                                                                                                                                                                                              api-ms-win-crt-runtime-l1-1-0.dllexit, __p___argc, _initterm, _get_initial_narrow_environment, _initialize_narrow_environment, _configure_narrow_argv, __p___argv, _set_app_type, _seh_filter_exe, _cexit, terminate, _c_exit, _register_thread_local_exe_atexit_callback, _exit, _initialize_onexit_table, _register_onexit_function, abort, _crt_atexit, _initterm_e
                                                                                                                                                                                              api-ms-win-crt-string-l1-1-0.dllstrcpy_s, wcslen, _wcsicmp, wcsncmp
                                                                                                                                                                                              api-ms-win-crt-convert-l1-1-0.dll_ultow_s, wcstol
                                                                                                                                                                                              api-ms-win-crt-stdio-l1-1-0.dll__p__commode, _set_fmode
                                                                                                                                                                                              api-ms-win-crt-locale-l1-1-0.dll_configthreadlocale
                                                                                                                                                                                              api-ms-win-crt-heap-l1-1-0.dll_set_new_mode, free, calloc, malloc, _callnewh

                                                                                                                                                                                              Possible Origin

                                                                                                                                                                                              Language of compilation systemCountry where language is spokenMap
                                                                                                                                                                                              EnglishUnited States

                                                                                                                                                                                              Network Behavior

                                                                                                                                                                                              Suricata IDS Alerts

                                                                                                                                                                                              TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                                                                                                                                                              2024-11-02T14:05:20.271993+01002022930ET EXPLOIT Possible CVE-2016-2211 Symantec Cab Parsing Buffer Overflow14.175.87.197443192.168.2.649779TCP
                                                                                                                                                                                              2024-11-02T14:05:58.727536+01002022930ET EXPLOIT Possible CVE-2016-2211 Symantec Cab Parsing Buffer Overflow14.245.163.56443192.168.2.649986TCP

                                                                                                                                                                                              Network Port Distribution

                                                                                                                                                                                              TCP Packets

                                                                                                                                                                                              TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                              Nov 2, 2024 14:05:05.740565062 CET49710443192.168.2.652.123.243.92
                                                                                                                                                                                              Nov 2, 2024 14:05:05.740614891 CET4434971052.123.243.92192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:05.740712881 CET49710443192.168.2.652.123.243.92
                                                                                                                                                                                              Nov 2, 2024 14:05:05.741266966 CET49710443192.168.2.652.123.243.92
                                                                                                                                                                                              Nov 2, 2024 14:05:05.741283894 CET4434971052.123.243.92192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:06.498617887 CET49715443192.168.2.6140.82.121.4
                                                                                                                                                                                              Nov 2, 2024 14:05:06.498657942 CET44349715140.82.121.4192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:06.498852015 CET49715443192.168.2.6140.82.121.4
                                                                                                                                                                                              Nov 2, 2024 14:05:06.528863907 CET49715443192.168.2.6140.82.121.4
                                                                                                                                                                                              Nov 2, 2024 14:05:06.528877974 CET44349715140.82.121.4192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:06.976674080 CET4434971052.123.243.92192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:07.016393900 CET49710443192.168.2.652.123.243.92
                                                                                                                                                                                              Nov 2, 2024 14:05:07.077578068 CET49710443192.168.2.652.123.243.92
                                                                                                                                                                                              Nov 2, 2024 14:05:07.077615023 CET4434971052.123.243.92192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:07.079274893 CET4434971052.123.243.92192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:07.079363108 CET49710443192.168.2.652.123.243.92
                                                                                                                                                                                              Nov 2, 2024 14:05:07.245920897 CET49710443192.168.2.652.123.243.92
                                                                                                                                                                                              Nov 2, 2024 14:05:07.246068954 CET4434971052.123.243.92192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:07.246710062 CET49710443192.168.2.652.123.243.92
                                                                                                                                                                                              Nov 2, 2024 14:05:07.246748924 CET4434971052.123.243.92192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:07.297630072 CET49710443192.168.2.652.123.243.92
                                                                                                                                                                                              Nov 2, 2024 14:05:07.422816038 CET44349715140.82.121.4192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:07.422888041 CET49715443192.168.2.6140.82.121.4
                                                                                                                                                                                              Nov 2, 2024 14:05:07.443049908 CET49715443192.168.2.6140.82.121.4
                                                                                                                                                                                              Nov 2, 2024 14:05:07.443073034 CET44349715140.82.121.4192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:07.443299055 CET44349715140.82.121.4192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:07.485129118 CET49715443192.168.2.6140.82.121.4
                                                                                                                                                                                              Nov 2, 2024 14:05:07.515264034 CET4434971052.123.243.92192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:07.515296936 CET4434971052.123.243.92192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:07.515357971 CET49710443192.168.2.652.123.243.92
                                                                                                                                                                                              Nov 2, 2024 14:05:07.515403032 CET4434971052.123.243.92192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:07.519485950 CET49715443192.168.2.6140.82.121.4
                                                                                                                                                                                              Nov 2, 2024 14:05:07.555594921 CET49710443192.168.2.652.123.243.92
                                                                                                                                                                                              Nov 2, 2024 14:05:07.567322969 CET44349715140.82.121.4192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:07.633815050 CET4434971052.123.243.92192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:07.633831024 CET4434971052.123.243.92192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:07.633853912 CET4434971052.123.243.92192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:07.633862019 CET4434971052.123.243.92192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:07.633894920 CET4434971052.123.243.92192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:07.633907080 CET49710443192.168.2.652.123.243.92
                                                                                                                                                                                              Nov 2, 2024 14:05:07.633953094 CET49710443192.168.2.652.123.243.92
                                                                                                                                                                                              Nov 2, 2024 14:05:07.759068966 CET4434971052.123.243.92192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:07.759083986 CET4434971052.123.243.92192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:07.759124994 CET4434971052.123.243.92192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:07.759145021 CET4434971052.123.243.92192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:07.759149075 CET49710443192.168.2.652.123.243.92
                                                                                                                                                                                              Nov 2, 2024 14:05:07.759181023 CET4434971052.123.243.92192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:07.759205103 CET49710443192.168.2.652.123.243.92
                                                                                                                                                                                              Nov 2, 2024 14:05:07.759227991 CET49710443192.168.2.652.123.243.92
                                                                                                                                                                                              Nov 2, 2024 14:05:07.878266096 CET4434971052.123.243.92192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:07.878314972 CET4434971052.123.243.92192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:07.878418922 CET49710443192.168.2.652.123.243.92
                                                                                                                                                                                              Nov 2, 2024 14:05:07.878457069 CET4434971052.123.243.92192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:07.878489017 CET49710443192.168.2.652.123.243.92
                                                                                                                                                                                              Nov 2, 2024 14:05:07.878555059 CET49710443192.168.2.652.123.243.92
                                                                                                                                                                                              Nov 2, 2024 14:05:07.878849983 CET4434971052.123.243.92192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:07.878928900 CET49710443192.168.2.652.123.243.92
                                                                                                                                                                                              Nov 2, 2024 14:05:07.878972054 CET4434971052.123.243.92192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:07.879038095 CET4434971052.123.243.92192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:07.879154921 CET49710443192.168.2.652.123.243.92
                                                                                                                                                                                              Nov 2, 2024 14:05:07.879266024 CET49710443192.168.2.652.123.243.92
                                                                                                                                                                                              Nov 2, 2024 14:05:07.879266024 CET49710443192.168.2.652.123.243.92
                                                                                                                                                                                              Nov 2, 2024 14:05:07.879288912 CET4434971052.123.243.92192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:07.879808903 CET49710443192.168.2.652.123.243.92
                                                                                                                                                                                              Nov 2, 2024 14:05:07.946491957 CET44349715140.82.121.4192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:07.946829081 CET44349715140.82.121.4192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:07.947026968 CET44349715140.82.121.4192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:07.947053909 CET49715443192.168.2.6140.82.121.4
                                                                                                                                                                                              Nov 2, 2024 14:05:07.950962067 CET49715443192.168.2.6140.82.121.4
                                                                                                                                                                                              Nov 2, 2024 14:05:07.951184988 CET49715443192.168.2.6140.82.121.4
                                                                                                                                                                                              Nov 2, 2024 14:05:07.951196909 CET44349715140.82.121.4192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:07.954663992 CET49719443192.168.2.6140.82.121.4
                                                                                                                                                                                              Nov 2, 2024 14:05:07.954710007 CET44349719140.82.121.4192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:07.956581116 CET49719443192.168.2.6140.82.121.4
                                                                                                                                                                                              Nov 2, 2024 14:05:07.957600117 CET49719443192.168.2.6140.82.121.4
                                                                                                                                                                                              Nov 2, 2024 14:05:07.957616091 CET44349719140.82.121.4192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:09.422004938 CET44349719140.82.121.4192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:09.422084093 CET49719443192.168.2.6140.82.121.4
                                                                                                                                                                                              Nov 2, 2024 14:05:09.424282074 CET49719443192.168.2.6140.82.121.4
                                                                                                                                                                                              Nov 2, 2024 14:05:09.424303055 CET44349719140.82.121.4192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:09.424519062 CET44349719140.82.121.4192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:09.425277948 CET49719443192.168.2.6140.82.121.4
                                                                                                                                                                                              Nov 2, 2024 14:05:09.467346907 CET44349719140.82.121.4192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:09.818207026 CET44349719140.82.121.4192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:09.818449974 CET44349719140.82.121.4192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:09.818484068 CET44349719140.82.121.4192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:09.818520069 CET49719443192.168.2.6140.82.121.4
                                                                                                                                                                                              Nov 2, 2024 14:05:09.820854902 CET49719443192.168.2.6140.82.121.4
                                                                                                                                                                                              Nov 2, 2024 14:05:09.825423956 CET49719443192.168.2.6140.82.121.4
                                                                                                                                                                                              Nov 2, 2024 14:05:09.825453997 CET44349719140.82.121.4192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:09.830579042 CET49719443192.168.2.6140.82.121.4
                                                                                                                                                                                              Nov 2, 2024 14:05:09.830605984 CET44349719140.82.121.4192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:09.841867924 CET49726443192.168.2.6185.199.111.133
                                                                                                                                                                                              Nov 2, 2024 14:05:09.841892004 CET44349726185.199.111.133192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:09.841965914 CET49726443192.168.2.6185.199.111.133
                                                                                                                                                                                              Nov 2, 2024 14:05:09.842297077 CET49726443192.168.2.6185.199.111.133
                                                                                                                                                                                              Nov 2, 2024 14:05:09.842312098 CET44349726185.199.111.133192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:10.450601101 CET44349726185.199.111.133192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:10.450689077 CET49726443192.168.2.6185.199.111.133
                                                                                                                                                                                              Nov 2, 2024 14:05:10.452678919 CET49726443192.168.2.6185.199.111.133
                                                                                                                                                                                              Nov 2, 2024 14:05:10.452699900 CET44349726185.199.111.133192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:10.452946901 CET44349726185.199.111.133192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:10.453910112 CET49726443192.168.2.6185.199.111.133
                                                                                                                                                                                              Nov 2, 2024 14:05:10.495353937 CET44349726185.199.111.133192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:10.693859100 CET49728443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:10.693922997 CET44349728162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:10.693986893 CET49728443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:10.694508076 CET49729443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:10.694550037 CET44349729162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:10.694603920 CET49729443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:10.694820881 CET49728443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:10.694840908 CET44349728162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:10.695039988 CET49729443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:10.695054054 CET44349729162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:10.762197018 CET44349726185.199.111.133192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:10.762274981 CET44349726185.199.111.133192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:10.762340069 CET44349726185.199.111.133192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:10.762406111 CET49726443192.168.2.6185.199.111.133
                                                                                                                                                                                              Nov 2, 2024 14:05:10.762801886 CET49726443192.168.2.6185.199.111.133
                                                                                                                                                                                              Nov 2, 2024 14:05:10.762826920 CET44349726185.199.111.133192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:11.303139925 CET44349728162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:11.303633928 CET49728443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:11.303647995 CET44349728162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:11.304730892 CET44349728162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:11.304792881 CET49728443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:11.306212902 CET49728443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:11.306279898 CET44349728162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:11.306514025 CET49728443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:11.306524038 CET44349728162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:11.331952095 CET44349729162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:11.332325935 CET49729443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:11.332353115 CET44349729162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:11.335937977 CET44349729162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:11.336002111 CET49729443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:11.337389946 CET49729443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:11.337477922 CET44349729162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:11.337625980 CET49729443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:11.337634087 CET44349729162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:11.354788065 CET49728443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:11.386017084 CET49729443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:11.436594963 CET44349728162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:11.436662912 CET44349728162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:11.436728954 CET49728443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:11.437011003 CET49728443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:11.437020063 CET44349728162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:11.473453045 CET44349729162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:11.473625898 CET44349729162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:11.473743916 CET49729443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:11.473889112 CET49729443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:11.473911047 CET44349729162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:12.583158970 CET49741443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:12.583173037 CET44349741162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:12.583764076 CET49742443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:12.583794117 CET44349742162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:12.583813906 CET49741443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:12.583851099 CET49742443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:12.584239960 CET49741443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:12.584249020 CET44349741162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:12.584359884 CET49742443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:12.584372997 CET44349742162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:13.216419935 CET44349741162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:13.216639042 CET44349742162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:13.216742039 CET49741443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:13.216763973 CET44349741162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:13.217117071 CET49742443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:13.217133045 CET44349742162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:13.217626095 CET44349741162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:13.217688084 CET49741443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:13.218170881 CET44349742162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:13.218221903 CET49742443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:13.218229055 CET49741443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:13.218277931 CET44349741162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:13.218792915 CET49742443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:13.218851089 CET44349742162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:13.264681101 CET49741443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:13.264691114 CET44349741162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:13.264712095 CET49742443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:13.264733076 CET44349742162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:13.310306072 CET49741443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:13.310309887 CET49742443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:13.402720928 CET49743443192.168.2.6132.145.248.22
                                                                                                                                                                                              Nov 2, 2024 14:05:13.402759075 CET44349743132.145.248.22192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:13.402827024 CET49743443192.168.2.6132.145.248.22
                                                                                                                                                                                              Nov 2, 2024 14:05:13.403208017 CET49743443192.168.2.6132.145.248.22
                                                                                                                                                                                              Nov 2, 2024 14:05:13.403217077 CET44349743132.145.248.22192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:14.509337902 CET44349743132.145.248.22192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:14.509661913 CET49743443192.168.2.6132.145.248.22
                                                                                                                                                                                              Nov 2, 2024 14:05:14.509677887 CET44349743132.145.248.22192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:14.510756016 CET44349743132.145.248.22192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:14.510831118 CET49743443192.168.2.6132.145.248.22
                                                                                                                                                                                              Nov 2, 2024 14:05:14.524276018 CET49743443192.168.2.6132.145.248.22
                                                                                                                                                                                              Nov 2, 2024 14:05:14.524382114 CET44349743132.145.248.22192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:14.524523020 CET49743443192.168.2.6132.145.248.22
                                                                                                                                                                                              Nov 2, 2024 14:05:14.524533033 CET44349743132.145.248.22192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:14.575273991 CET49743443192.168.2.6132.145.248.22
                                                                                                                                                                                              Nov 2, 2024 14:05:14.883557081 CET44349743132.145.248.22192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:14.883588076 CET44349743132.145.248.22192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:14.883676052 CET49743443192.168.2.6132.145.248.22
                                                                                                                                                                                              Nov 2, 2024 14:05:14.883702040 CET44349743132.145.248.22192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:14.883744955 CET49743443192.168.2.6132.145.248.22
                                                                                                                                                                                              Nov 2, 2024 14:05:15.212141991 CET49743443192.168.2.6132.145.248.22
                                                                                                                                                                                              Nov 2, 2024 14:05:15.212160110 CET44349743132.145.248.22192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:15.329961061 CET49754443192.168.2.6132.145.248.22
                                                                                                                                                                                              Nov 2, 2024 14:05:15.330027103 CET44349754132.145.248.22192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:15.330514908 CET49755443192.168.2.6132.145.248.22
                                                                                                                                                                                              Nov 2, 2024 14:05:15.330538034 CET49754443192.168.2.6132.145.248.22
                                                                                                                                                                                              Nov 2, 2024 14:05:15.330568075 CET44349755132.145.248.22192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:15.330615997 CET49755443192.168.2.6132.145.248.22
                                                                                                                                                                                              Nov 2, 2024 14:05:15.330898046 CET49754443192.168.2.6132.145.248.22
                                                                                                                                                                                              Nov 2, 2024 14:05:15.330915928 CET44349754132.145.248.22192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:15.331100941 CET49755443192.168.2.6132.145.248.22
                                                                                                                                                                                              Nov 2, 2024 14:05:15.331120014 CET44349755132.145.248.22192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:15.550209999 CET49762443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:05:15.550223112 CET44349762142.251.116.102192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:15.550292969 CET49762443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:05:15.550723076 CET49762443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:05:15.550734043 CET44349762142.251.116.102192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:15.578933001 CET49763443192.168.2.6142.251.116.95
                                                                                                                                                                                              Nov 2, 2024 14:05:15.579024076 CET44349763142.251.116.95192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:15.579111099 CET49763443192.168.2.6142.251.116.95
                                                                                                                                                                                              Nov 2, 2024 14:05:15.579682112 CET49763443192.168.2.6142.251.116.95
                                                                                                                                                                                              Nov 2, 2024 14:05:15.579715967 CET44349763142.251.116.95192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.187859058 CET44349762142.251.116.102192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.188210964 CET49762443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:05:16.188229084 CET44349762142.251.116.102192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.189718962 CET44349762142.251.116.102192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.189779043 CET49762443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:05:16.189785004 CET44349762142.251.116.102192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.189820051 CET49762443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:05:16.190967083 CET49762443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:05:16.191061020 CET44349762142.251.116.102192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.191219091 CET49762443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:05:16.191226006 CET44349762142.251.116.102192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.202444077 CET44349763142.251.116.95192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.202707052 CET49763443192.168.2.6142.251.116.95
                                                                                                                                                                                              Nov 2, 2024 14:05:16.202732086 CET44349763142.251.116.95192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.203785896 CET44349763142.251.116.95192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.203843117 CET49763443192.168.2.6142.251.116.95
                                                                                                                                                                                              Nov 2, 2024 14:05:16.204839945 CET49763443192.168.2.6142.251.116.95
                                                                                                                                                                                              Nov 2, 2024 14:05:16.204915047 CET44349763142.251.116.95192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.205086946 CET49763443192.168.2.6142.251.116.95
                                                                                                                                                                                              Nov 2, 2024 14:05:16.205095053 CET44349763142.251.116.95192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.245836973 CET49763443192.168.2.6142.251.116.95
                                                                                                                                                                                              Nov 2, 2024 14:05:16.245848894 CET49762443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:05:16.342401028 CET44349763142.251.116.95192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.342542887 CET44349763142.251.116.95192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.342628002 CET49763443192.168.2.6142.251.116.95
                                                                                                                                                                                              Nov 2, 2024 14:05:16.342638016 CET44349763142.251.116.95192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.342721939 CET44349763142.251.116.95192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.342761040 CET49763443192.168.2.6142.251.116.95
                                                                                                                                                                                              Nov 2, 2024 14:05:16.342766047 CET44349763142.251.116.95192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.342875957 CET44349763142.251.116.95192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.342924118 CET49763443192.168.2.6142.251.116.95
                                                                                                                                                                                              Nov 2, 2024 14:05:16.342928886 CET44349763142.251.116.95192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.343027115 CET44349763142.251.116.95192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.343115091 CET44349763142.251.116.95192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.343127012 CET49763443192.168.2.6142.251.116.95
                                                                                                                                                                                              Nov 2, 2024 14:05:16.343142033 CET44349763142.251.116.95192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.343384027 CET49763443192.168.2.6142.251.116.95
                                                                                                                                                                                              Nov 2, 2024 14:05:16.343389988 CET44349763142.251.116.95192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.343714952 CET44349763142.251.116.95192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.343771935 CET49763443192.168.2.6142.251.116.95
                                                                                                                                                                                              Nov 2, 2024 14:05:16.344235897 CET44349762142.251.116.102192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.344742060 CET49762443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:05:16.344815016 CET44349762142.251.116.102192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.344875097 CET49762443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:05:16.345688105 CET49763443192.168.2.6142.251.116.95
                                                                                                                                                                                              Nov 2, 2024 14:05:16.345695019 CET44349763142.251.116.95192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.431134939 CET44349755132.145.248.22192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.431569099 CET49755443192.168.2.6132.145.248.22
                                                                                                                                                                                              Nov 2, 2024 14:05:16.431597948 CET44349755132.145.248.22192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.432648897 CET44349755132.145.248.22192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.432704926 CET49755443192.168.2.6132.145.248.22
                                                                                                                                                                                              Nov 2, 2024 14:05:16.434225082 CET49755443192.168.2.6132.145.248.22
                                                                                                                                                                                              Nov 2, 2024 14:05:16.434290886 CET44349755132.145.248.22192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.435115099 CET49755443192.168.2.6132.145.248.22
                                                                                                                                                                                              Nov 2, 2024 14:05:16.435121059 CET44349755132.145.248.22192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.456749916 CET44349754132.145.248.22192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.457195997 CET49754443192.168.2.6132.145.248.22
                                                                                                                                                                                              Nov 2, 2024 14:05:16.457237005 CET44349754132.145.248.22192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.458297014 CET44349754132.145.248.22192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.458368063 CET49754443192.168.2.6132.145.248.22
                                                                                                                                                                                              Nov 2, 2024 14:05:16.459440947 CET49754443192.168.2.6132.145.248.22
                                                                                                                                                                                              Nov 2, 2024 14:05:16.459511042 CET44349754132.145.248.22192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.459624052 CET49754443192.168.2.6132.145.248.22
                                                                                                                                                                                              Nov 2, 2024 14:05:16.481379032 CET49755443192.168.2.6132.145.248.22
                                                                                                                                                                                              Nov 2, 2024 14:05:16.488651991 CET49768443192.168.2.6142.250.138.94
                                                                                                                                                                                              Nov 2, 2024 14:05:16.488694906 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.488751888 CET49768443192.168.2.6142.250.138.94
                                                                                                                                                                                              Nov 2, 2024 14:05:16.489078999 CET49768443192.168.2.6142.250.138.94
                                                                                                                                                                                              Nov 2, 2024 14:05:16.489094019 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.507337093 CET44349754132.145.248.22192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.511337042 CET49754443192.168.2.6132.145.248.22
                                                                                                                                                                                              Nov 2, 2024 14:05:16.511368036 CET44349754132.145.248.22192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.558178902 CET49754443192.168.2.6132.145.248.22
                                                                                                                                                                                              Nov 2, 2024 14:05:16.837661982 CET44349755132.145.248.22192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.837682962 CET44349755132.145.248.22192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.837733984 CET49755443192.168.2.6132.145.248.22
                                                                                                                                                                                              Nov 2, 2024 14:05:16.837745905 CET44349755132.145.248.22192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.837805986 CET49755443192.168.2.6132.145.248.22
                                                                                                                                                                                              Nov 2, 2024 14:05:16.838927031 CET49755443192.168.2.6132.145.248.22
                                                                                                                                                                                              Nov 2, 2024 14:05:16.838946104 CET44349755132.145.248.22192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.864594936 CET44349754132.145.248.22192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.864614010 CET44349754132.145.248.22192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.864675045 CET44349754132.145.248.22192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.864679098 CET49754443192.168.2.6132.145.248.22
                                                                                                                                                                                              Nov 2, 2024 14:05:16.865199089 CET49754443192.168.2.6132.145.248.22
                                                                                                                                                                                              Nov 2, 2024 14:05:16.865731955 CET49754443192.168.2.6132.145.248.22
                                                                                                                                                                                              Nov 2, 2024 14:05:16.865766048 CET44349754132.145.248.22192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:17.110398054 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:17.110883951 CET49768443192.168.2.6142.250.138.94
                                                                                                                                                                                              Nov 2, 2024 14:05:17.110904932 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:17.112360001 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:17.112435102 CET49768443192.168.2.6142.250.138.94
                                                                                                                                                                                              Nov 2, 2024 14:05:17.114363909 CET49768443192.168.2.6142.250.138.94
                                                                                                                                                                                              Nov 2, 2024 14:05:17.114447117 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:17.114836931 CET49768443192.168.2.6142.250.138.94
                                                                                                                                                                                              Nov 2, 2024 14:05:17.114845037 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:17.168122053 CET49768443192.168.2.6142.250.138.94
                                                                                                                                                                                              Nov 2, 2024 14:05:17.243094921 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:17.243441105 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:17.243479013 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:17.243515968 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:17.243521929 CET49768443192.168.2.6142.250.138.94
                                                                                                                                                                                              Nov 2, 2024 14:05:17.243546963 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:17.243576050 CET49768443192.168.2.6142.250.138.94
                                                                                                                                                                                              Nov 2, 2024 14:05:17.243608952 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:17.243654013 CET49768443192.168.2.6142.250.138.94
                                                                                                                                                                                              Nov 2, 2024 14:05:17.243660927 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:17.244013071 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:17.244051933 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:17.244061947 CET49768443192.168.2.6142.250.138.94
                                                                                                                                                                                              Nov 2, 2024 14:05:17.244070053 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:17.244113922 CET49768443192.168.2.6142.250.138.94
                                                                                                                                                                                              Nov 2, 2024 14:05:17.361975908 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:17.362112999 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:17.362149000 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:17.362206936 CET49768443192.168.2.6142.250.138.94
                                                                                                                                                                                              Nov 2, 2024 14:05:17.362242937 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:17.362348080 CET49768443192.168.2.6142.250.138.94
                                                                                                                                                                                              Nov 2, 2024 14:05:17.362396002 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:17.362468004 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:17.362512112 CET49768443192.168.2.6142.250.138.94
                                                                                                                                                                                              Nov 2, 2024 14:05:17.362519979 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:17.362696886 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:17.363059998 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:17.363101959 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:17.363117933 CET49768443192.168.2.6142.250.138.94
                                                                                                                                                                                              Nov 2, 2024 14:05:17.363127947 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:17.363157034 CET49768443192.168.2.6142.250.138.94
                                                                                                                                                                                              Nov 2, 2024 14:05:17.418695927 CET49768443192.168.2.6142.250.138.94
                                                                                                                                                                                              Nov 2, 2024 14:05:17.481055021 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:17.481168032 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:17.481205940 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:17.481247902 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:17.481304884 CET49768443192.168.2.6142.250.138.94
                                                                                                                                                                                              Nov 2, 2024 14:05:17.481328964 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:17.481340885 CET49768443192.168.2.6142.250.138.94
                                                                                                                                                                                              Nov 2, 2024 14:05:17.481442928 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:17.481478930 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:17.482405901 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:17.482439041 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:17.482461929 CET49768443192.168.2.6142.250.138.94
                                                                                                                                                                                              Nov 2, 2024 14:05:17.482474089 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:17.482616901 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:17.482659101 CET49768443192.168.2.6142.250.138.94
                                                                                                                                                                                              Nov 2, 2024 14:05:17.484627008 CET49768443192.168.2.6142.250.138.94
                                                                                                                                                                                              Nov 2, 2024 14:05:17.484638929 CET44349768142.250.138.94192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:20.767260075 CET49787443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:05:20.767303944 CET44349787142.251.116.102192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:20.767407894 CET49787443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:05:20.767678976 CET49787443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:05:20.767694950 CET44349787142.251.116.102192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:22.228759050 CET44349787142.251.116.102192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:22.229125023 CET49787443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:05:22.229151011 CET44349787142.251.116.102192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:22.230228901 CET44349787142.251.116.102192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:22.230278969 CET49787443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:05:22.230294943 CET44349787142.251.116.102192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:22.230334044 CET49787443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:05:22.230840921 CET49787443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:05:22.230901003 CET44349787142.251.116.102192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:22.277518034 CET49787443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:05:22.277548075 CET44349787142.251.116.102192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:22.324368954 CET49787443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:05:28.090027094 CET44349741162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:28.090101004 CET44349741162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:28.090202093 CET49741443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:28.090622902 CET44349742162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:28.090806961 CET44349742162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:28.091330051 CET49742443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:04.959549904 CET50011443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:04.959585905 CET44350011162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:04.959650040 CET50011443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:04.959965944 CET50012443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:04.959990978 CET44350012162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:04.960036993 CET50012443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:04.960222960 CET50011443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:04.960233927 CET44350011162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:04.960412979 CET50012443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:04.960427046 CET44350012162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:05.570611954 CET44350011162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:05.571053982 CET50011443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:05.571086884 CET44350011162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:05.571291924 CET44350012162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:05.571491003 CET50012443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:05.571530104 CET44350012162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:05.572144032 CET44350011162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:05.572211027 CET50011443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:05.572582960 CET44350012162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:05.572632074 CET50011443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:05.572645903 CET50012443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:05.572700977 CET44350011162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:05.572998047 CET50012443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:05.573057890 CET44350012162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:05.573199987 CET50011443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:05.573209047 CET44350011162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:05.573306084 CET50012443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:05.573316097 CET44350012162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:05.621442080 CET50011443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:05.621443033 CET50012443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:05.702716112 CET44350011162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:05.702739954 CET44350012162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:05.702789068 CET44350011162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:05.702825069 CET44350012162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:05.702830076 CET50011443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:05.702863932 CET50012443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:05.706259012 CET50011443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:05.706281900 CET44350011162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:05.706646919 CET50012443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:05.706671953 CET44350012162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:07.277806044 CET49787443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:06:07.277831078 CET44349787142.251.116.102192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:13.090184927 CET49741443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:13.090209961 CET44349741162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:13.105763912 CET49742443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:13.105798006 CET44349742162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:52.293248892 CET49787443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:06:52.293268919 CET44349787142.251.116.102192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:55.204019070 CET49741443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:55.204075098 CET44349741162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:55.204129934 CET49742443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:55.204154968 CET44349742162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:55.204221010 CET49787443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:06:55.204329967 CET44349787142.251.116.102192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:55.204384089 CET49787443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:06:55.204713106 CET50016443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:55.204756975 CET44350016162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:55.204818964 CET50016443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:55.205045938 CET50017443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:55.205082893 CET44350017162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:55.205137014 CET50017443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:55.205307007 CET50016443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:55.205317974 CET44350016162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:55.205467939 CET50017443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:55.205481052 CET44350017162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:55.820338964 CET44350017162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:55.820586920 CET50017443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:55.820615053 CET44350017162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:55.821593046 CET44350017162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:55.821664095 CET50017443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:55.821984053 CET50017443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:55.822052002 CET44350017162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:55.834294081 CET44350016162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:55.834496975 CET50016443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:55.834523916 CET44350016162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:55.837271929 CET44350016162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:55.837328911 CET50016443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:55.837604046 CET50016443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:55.837663889 CET44350016162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:55.871411085 CET50017443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:55.871419907 CET44350017162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:55.886976957 CET50016443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:55.886995077 CET44350016162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:55.918250084 CET50017443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:55.933921099 CET50016443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:07:10.699255943 CET44350017162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:07:10.699331045 CET44350017162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:07:10.699527025 CET50017443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:07:10.706758976 CET44350016162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:07:10.706830025 CET44350016162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:07:10.706911087 CET50016443192.168.2.6162.159.61.3

                                                                                                                                                                                              UDP Packets

                                                                                                                                                                                              TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                              Nov 2, 2024 14:05:06.467961073 CET6099853192.168.2.61.1.1.1
                                                                                                                                                                                              Nov 2, 2024 14:05:06.475188017 CET53609981.1.1.1192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:06.658524036 CET53645061.1.1.1192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:09.834167957 CET6546253192.168.2.61.1.1.1
                                                                                                                                                                                              Nov 2, 2024 14:05:09.840995073 CET53654621.1.1.1192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:10.684197903 CET5492753192.168.2.61.1.1.1
                                                                                                                                                                                              Nov 2, 2024 14:05:10.684716940 CET6524653192.168.2.61.1.1.1
                                                                                                                                                                                              Nov 2, 2024 14:05:10.685237885 CET5539353192.168.2.61.1.1.1
                                                                                                                                                                                              Nov 2, 2024 14:05:10.685586929 CET5017353192.168.2.61.1.1.1
                                                                                                                                                                                              Nov 2, 2024 14:05:10.692120075 CET53549271.1.1.1192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:10.693011045 CET53652461.1.1.1192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:10.693169117 CET53553931.1.1.1192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:10.693747044 CET53501731.1.1.1192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:12.582690954 CET60670443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:12.894025087 CET60670443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:13.205845118 CET44360670162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:13.205890894 CET44360670162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:13.205933094 CET44360670162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:13.206051111 CET44360670162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:13.207812071 CET60670443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:13.210130930 CET60670443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:13.210340977 CET60670443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:13.210890055 CET60670443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:13.216938019 CET60670443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:13.340748072 CET44360670162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:13.341183901 CET44360670162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:13.341394901 CET44360670162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:13.341404915 CET44360670162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:13.341458082 CET44360670162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:13.341484070 CET60670443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:13.341594934 CET60670443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:13.342895031 CET44360670162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:13.347223043 CET44360670162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:13.371275902 CET60670443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:13.401578903 CET60670443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:13.401668072 CET60670443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:13.471669912 CET44360670162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:13.510155916 CET60670443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:13.531523943 CET44360670162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:13.570791006 CET60670443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:15.402498960 CET60670443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:15.405004025 CET60670443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:15.431207895 CET60670443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:15.431374073 CET60670443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:15.533778906 CET44360670162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:15.534832001 CET44360670162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:15.536303043 CET44360670162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:15.539783001 CET44360670162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:15.548963070 CET60670443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:15.562758923 CET44360670162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:15.563528061 CET44360670162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:15.563576937 CET44360670162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:15.577289104 CET60670443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:16.349571943 CET60670443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:16.349720955 CET60670443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:16.480720043 CET44360670162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.482074022 CET44360670162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.482094049 CET44360670162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:16.482426882 CET60670443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:20.439022064 CET54964443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:05:20.766659021 CET54964443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:05:21.371716976 CET54964443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:05:21.453526974 CET60670443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:21.453789949 CET60670443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:21.615112066 CET44354964142.251.116.102192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:21.615145922 CET44354964142.251.116.102192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:21.615180969 CET44354964142.251.116.102192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:21.624068022 CET54964443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:05:21.624274015 CET54964443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:05:21.741509914 CET44354964142.251.116.102192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:21.741523981 CET44354964142.251.116.102192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:21.741569042 CET44354964142.251.116.102192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:21.741826057 CET44360670162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:21.741941929 CET54964443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:05:21.743617058 CET54964443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:05:21.743700027 CET54964443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:05:21.756059885 CET54964443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:05:21.756323099 CET54964443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:05:21.760853052 CET54964443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:05:21.764215946 CET44360670162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:21.767617941 CET44360670162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:21.768064022 CET60670443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:21.886384010 CET44354964142.251.116.102192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:21.886393070 CET44354964142.251.116.102192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:21.888288021 CET54964443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:05:21.888432026 CET54964443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:05:21.890885115 CET44354964142.251.116.102192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:21.891141891 CET54964443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:05:21.909358978 CET44354964142.251.116.102192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:21.912791014 CET54964443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:05:21.917354107 CET44354964142.251.116.102192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:21.965547085 CET54964443192.168.2.6142.251.116.102
                                                                                                                                                                                              Nov 2, 2024 14:05:22.068679094 CET44354964142.251.116.102192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:45.954040051 CET60670443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:45.954143047 CET60670443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:05:46.084536076 CET44360670162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:46.085861921 CET44360670162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:46.086432934 CET44360670162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:05:46.086822987 CET60670443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:04.959103107 CET53520443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:05.263637066 CET53520443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:05.579075098 CET44353520162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:05.579133987 CET44353520162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:05.579159021 CET44353520162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:05.579199076 CET44353520162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:05.579991102 CET53520443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:05.581393003 CET53520443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:05.581522942 CET53520443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:05.712583065 CET44353520162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:05.712601900 CET44353520162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:05.712642908 CET44353520162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:05.712701082 CET44353520162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:05.712976933 CET53520443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:05.713102102 CET53520443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:05.713171959 CET53520443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:05.844938040 CET44353520162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:05.871762991 CET53520443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:54.746046066 CET6432953192.168.2.61.1.1.1
                                                                                                                                                                                              Nov 2, 2024 14:06:54.746320963 CET5289753192.168.2.61.1.1.1
                                                                                                                                                                                              Nov 2, 2024 14:06:54.909624100 CET53643291.1.1.1192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:54.909647942 CET53528971.1.1.1192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:54.910959959 CET57735443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:55.496615887 CET57735443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:55.687822104 CET44357735162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:55.687851906 CET44357735162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:55.687870026 CET44357735162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:55.689012051 CET57735443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:55.689057112 CET57735443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:55.689321995 CET57735443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:55.689448118 CET57735443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:55.762320995 CET57735443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:55.762396097 CET57735443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:55.762792110 CET5409353192.168.2.61.1.1.1
                                                                                                                                                                                              Nov 2, 2024 14:06:55.763012886 CET5918153192.168.2.61.1.1.1
                                                                                                                                                                                              Nov 2, 2024 14:06:55.763114929 CET57735443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:55.763165951 CET57735443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:55.770258904 CET53540931.1.1.1192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:55.770277023 CET53591811.1.1.1192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:55.809178114 CET44357735162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:55.815494061 CET44357735162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:55.815606117 CET44357735162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:55.815777063 CET57735443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:55.815820932 CET44357735162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:55.815834999 CET44357735162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:55.815992117 CET57735443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:55.816247940 CET44357735162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:55.816812038 CET44357735162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:55.816941023 CET57735443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:55.889168024 CET44357735162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:55.918565989 CET57735443192.168.2.6162.159.61.3
                                                                                                                                                                                              Nov 2, 2024 14:06:55.942521095 CET44357735162.159.61.3192.168.2.6
                                                                                                                                                                                              Nov 2, 2024 14:06:55.980860949 CET57735443192.168.2.6162.159.61.3

                                                                                                                                                                                              DNS Queries

                                                                                                                                                                                              TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                              Nov 2, 2024 14:05:06.467961073 CET192.168.2.61.1.1.10x2e3aStandard query (0)github.comA (IP address)IN (0x0001)false
                                                                                                                                                                                              Nov 2, 2024 14:05:09.834167957 CET192.168.2.61.1.1.10x277fStandard query (0)objects.githubusercontent.comA (IP address)IN (0x0001)false
                                                                                                                                                                                              Nov 2, 2024 14:05:10.684197903 CET192.168.2.61.1.1.10xaca2Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                              Nov 2, 2024 14:05:10.684716940 CET192.168.2.61.1.1.10x384aStandard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                              Nov 2, 2024 14:05:10.685237885 CET192.168.2.61.1.1.10x32c9Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                              Nov 2, 2024 14:05:10.685586929 CET192.168.2.61.1.1.10xe5d5Standard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                              Nov 2, 2024 14:06:54.746046066 CET192.168.2.61.1.1.10x70b8Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                              Nov 2, 2024 14:06:54.746320963 CET192.168.2.61.1.1.10x70b9Standard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                              Nov 2, 2024 14:06:55.762792110 CET192.168.2.61.1.1.10x9cdbStandard query (0)github.comA (IP address)IN (0x0001)false
                                                                                                                                                                                              Nov 2, 2024 14:06:55.763012886 CET192.168.2.61.1.1.10xd6f8Standard query (0)github.com65IN (0x0001)false

                                                                                                                                                                                              DNS Answers

                                                                                                                                                                                              TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                              Nov 2, 2024 14:05:05.737395048 CET1.1.1.1192.168.2.60xace8No error (0)svc.ha-teams.office.comsvc.ms-acdc-teams.office.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                              Nov 2, 2024 14:05:05.737395048 CET1.1.1.1192.168.2.60xace8No error (0)svc.ms-acdc-teams.office.com52.123.243.92A (IP address)IN (0x0001)false
                                                                                                                                                                                              Nov 2, 2024 14:05:05.737395048 CET1.1.1.1192.168.2.60xace8No error (0)svc.ms-acdc-teams.office.com52.123.243.89A (IP address)IN (0x0001)false
                                                                                                                                                                                              Nov 2, 2024 14:05:05.737395048 CET1.1.1.1192.168.2.60xace8No error (0)svc.ms-acdc-teams.office.com52.123.243.209A (IP address)IN (0x0001)false
                                                                                                                                                                                              Nov 2, 2024 14:05:06.475188017 CET1.1.1.1192.168.2.60x2e3aNo error (0)github.com140.82.121.4A (IP address)IN (0x0001)false
                                                                                                                                                                                              Nov 2, 2024 14:05:09.840995073 CET1.1.1.1192.168.2.60x277fNo error (0)objects.githubusercontent.com185.199.111.133A (IP address)IN (0x0001)false
                                                                                                                                                                                              Nov 2, 2024 14:05:09.840995073 CET1.1.1.1192.168.2.60x277fNo error (0)objects.githubusercontent.com185.199.110.133A (IP address)IN (0x0001)false
                                                                                                                                                                                              Nov 2, 2024 14:05:09.840995073 CET1.1.1.1192.168.2.60x277fNo error (0)objects.githubusercontent.com185.199.108.133A (IP address)IN (0x0001)false
                                                                                                                                                                                              Nov 2, 2024 14:05:09.840995073 CET1.1.1.1192.168.2.60x277fNo error (0)objects.githubusercontent.com185.199.109.133A (IP address)IN (0x0001)false
                                                                                                                                                                                              Nov 2, 2024 14:05:10.692120075 CET1.1.1.1192.168.2.60xaca2No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                              Nov 2, 2024 14:05:10.692120075 CET1.1.1.1192.168.2.60xaca2No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                              Nov 2, 2024 14:05:10.693011045 CET1.1.1.1192.168.2.60x384aNo error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                              Nov 2, 2024 14:05:10.693169117 CET1.1.1.1192.168.2.60x32c9No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                              Nov 2, 2024 14:05:10.693169117 CET1.1.1.1192.168.2.60x32c9No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                              Nov 2, 2024 14:05:10.693747044 CET1.1.1.1192.168.2.60xe5d5No error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                              Nov 2, 2024 14:06:54.909624100 CET1.1.1.1192.168.2.60x70b8No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                              Nov 2, 2024 14:06:54.909624100 CET1.1.1.1192.168.2.60x70b8No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                              Nov 2, 2024 14:06:54.909647942 CET1.1.1.1192.168.2.60x70b9No error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                              Nov 2, 2024 14:06:55.770258904 CET1.1.1.1192.168.2.60x9cdbNo error (0)github.com140.82.121.4A (IP address)IN (0x0001)false

                                                                                                                                                                                              HTTP Request Dependency Graph

                                                                                                                                                                                              • config.edge.skype.com
                                                                                                                                                                                              • github.com
                                                                                                                                                                                              • https:
                                                                                                                                                                                                • objects.githubusercontent.com
                                                                                                                                                                                                • fonts.gstatic.com
                                                                                                                                                                                              • chrome.cloudflare-dns.com
                                                                                                                                                                                              • tauri.localhost
                                                                                                                                                                                                • ghp.ci
                                                                                                                                                                                                • www.google-analytics.com
                                                                                                                                                                                                • fonts.googleapis.com

                                                                                                                                                                                              HTTPS Proxied Packets

                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              0192.168.2.64971052.123.243.924432820C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              2024-11-02 13:05:07 UTC648OUTGET /config/v1/Edge/117.0.2045.47?clientId=6632647812204454971&agents=EdgeConfig%2CEdgeDomainActions%2CEdgeFirstRunConfig&osname=win&client=webview&channel=stable&scpfull=0&scpguard=0&scpfre=0&scpver=0&osarch=x86_64&osver=10.0.19045&wu=0&devicefamily=desktop&uma=0&sessionid=0&mngd=0&installdate=1730552703&edu=&bphint=2&soobedate=1696486676&fg=1 HTTP/1.1
                                                                                                                                                                                              Host: config.edge.skype.com
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Accept-Encoding: gzip
                                                                                                                                                                                              Sec-Fetch-Site: none
                                                                                                                                                                                              Sec-Fetch-Mode: no-cors
                                                                                                                                                                                              Sec-Fetch-Dest: empty
                                                                                                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                              2024-11-02 13:05:07 UTC1177INHTTP/1.1 200 OK
                                                                                                                                                                                              Cache-Control: no-cache,max-age=3600
                                                                                                                                                                                              Content-Length: 51935
                                                                                                                                                                                              Content-Type: application/json
                                                                                                                                                                                              Expires: Sat, 02 Nov 2024 14:05:07 GMT
                                                                                                                                                                                              ETag: "WYdisfpgC4NlJjkZTov/cIIhoIE6r/ikI9TuQM3GQKI="
                                                                                                                                                                                              Server: Microsoft-IIS/10.0
                                                                                                                                                                                              request-id: 4d3afddc-260a-9046-841f-7592d96d18ee
                                                                                                                                                                                              X-BackEndHttpStatus: 200
                                                                                                                                                                                              X-Content-Type-Options: nosniff
                                                                                                                                                                                              X-Frame-Options: DENY
                                                                                                                                                                                              Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                              Report-To: {"group":"NelEcsUpload1","max_age":604800,"endpoints":[{"url":"https://ecs.nel.measure.office.net?TenantId=Edge&DestinationEndpoint=MIRA-SIP-FR2&FrontEnd=MIRA"}],"include_subdomains":true}
                                                                                                                                                                                              NEL: {"report_to":"NelEcsUpload1","max_age":604800,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
                                                                                                                                                                                              X-Proxy-RoutingCorrectness: 1
                                                                                                                                                                                              X-MSEdge-Ref: MIRA: 4d3afddc-260a-9046-841f-7592d96d18ee FR2P281CA0014 2024-11-02T13:05:07.373Z
                                                                                                                                                                                              Alt-Svc: h3=":443";ma=2592000,h3-29=":443";ma=2592000
                                                                                                                                                                                              X-Proxy-BackendServerStatus: 200
                                                                                                                                                                                              X-FirstHopCafeEFZ: FRA
                                                                                                                                                                                              X-FEProxyInfo: FR2P281CA0014.DEUP281.PROD.OUTLOOK.COM
                                                                                                                                                                                              X-FEEFZInfo: FRA
                                                                                                                                                                                              X-Powered-By: ASP.NET
                                                                                                                                                                                              X-FEServer: FR2P281CA0014
                                                                                                                                                                                              Date: Sat, 02 Nov 2024 13:05:07 GMT
                                                                                                                                                                                              Connection: close
                                                                                                                                                                                              2024-11-02 13:05:07 UTC2681INData Raw: 7b 22 45 43 53 22 3a 7b 22 45 78 63 6c 75 64 65 45 78 74 65 72 6e 61 6c 43 6f 6e 66 69 67 49 64 73 49 6e 4c 6f 67 22 3a 74 72 75 65 2c 22 43 6f 6e 66 69 67 4c 6f 67 54 61 72 67 65 74 22 3a 22 65 64 67 65 5f 73 74 61 62 6c 65 22 7d 2c 22 45 64 67 65 43 6f 6e 66 69 67 22 3a 7b 22 75 6e 70 61 63 6b 5f 65 78 74 65 6e 73 69 6f 6e 5f 72 65 67 69 73 74 72 79 5f 68 61 73 68 5f 63 68 65 63 6b 22 3a 7b 22 64 69 73 61 62 6c 65 46 65 61 74 75 72 65 73 22 3a 5b 22 6d 73 45 78 74 65 6e 73 69 6f 6e 52 65 67 69 73 74 72 79 48 61 73 68 43 68 65 63 6b 22 2c 22 6d 73 45 78 74 65 6e 73 69 6f 6e 52 65 67 69 73 74 72 79 48 61 73 68 43 68 65 63 6b 4d 69 74 69 67 61 74 65 54 72 69 67 67 65 72 22 5d 7d 2c 22 4c 6f 61 64 53 74 61 74 69 73 74 69 63 73 4c 6f 67 67 69 6e 67 50 72 69
                                                                                                                                                                                              Data Ascii: {"ECS":{"ExcludeExternalConfigIdsInLog":true,"ConfigLogTarget":"edge_stable"},"EdgeConfig":{"unpack_extension_registry_hash_check":{"disableFeatures":["msExtensionRegistryHashCheck","msExtensionRegistryHashCheckMitigateTrigger"]},"LoadStatisticsLoggingPri
                                                                                                                                                                                              2024-11-02 13:05:07 UTC13013INData Raw: 72 54 79 70 65 2e 47 65 74 46 69 6c 65 73 2c 31 2c 2c 31 36 3b 4d 69 63 72 6f 73 6f 66 74 2e 46 72 65 6d 6f 6e 74 2e 52 61 61 73 2e 45 72 72 6f 72 54 79 70 65 2e 53 65 74 43 6f 6e 74 61 69 6e 65 72 49 64 2c 31 2c 2c 31 36 3b 4d 69 63 72 6f 73 6f 66 74 2e 46 72 65 6d 6f 6e 74 2e 52 61 61 73 2e 47 65 74 46 69 6c 65 49 64 2c 31 2c 2c 31 36 3b 4d 69 63 72 6f 73 6f 66 74 2e 46 72 65 6d 6f 6e 74 2e 52 61 61 73 2e 48 74 74 70 52 65 73 70 6f 6e 73 65 43 6f 64 65 2e 43 72 65 61 74 65 43 6f 6e 74 61 69 6e 65 72 2c 31 2c 2c 31 36 3b 4d 69 63 72 6f 73 6f 66 74 2e 46 72 65 6d 6f 6e 74 2e 52 61 61 73 2e 48 74 74 70 52 65 73 70 6f 6e 73 65 43 6f 64 65 2e 44 65 6c 65 74 65 46 69 6c 65 2c 31 2c 2c 31 36 3b 4d 69 63 72 6f 73 6f 66 74 2e 46 72 65 6d 6f 6e 74 2e 52 61 61 73
                                                                                                                                                                                              Data Ascii: rType.GetFiles,1,,16;Microsoft.Fremont.Raas.ErrorType.SetContainerId,1,,16;Microsoft.Fremont.Raas.GetFileId,1,,16;Microsoft.Fremont.Raas.HttpResponseCode.CreateContainer,1,,16;Microsoft.Fremont.Raas.HttpResponseCode.DeleteFile,1,,16;Microsoft.Fremont.Raas
                                                                                                                                                                                              2024-11-02 13:05:07 UTC16384INData Raw: 6f 6d 22 2c 22 61 70 70 6c 69 65 64 5f 70 6f 6c 69 63 79 22 3a 22 43 68 72 6f 6d 65 55 41 41 6e 64 43 6c 69 65 6e 74 48 69 6e 74 73 22 7d 2c 7b 22 64 6f 6d 61 69 6e 22 3a 22 77 77 77 2e 6c 61 6e 67 75 61 67 65 61 63 61 64 65 6d 79 2e 63 6f 6d 2e 61 75 22 2c 22 61 70 70 6c 69 65 64 5f 70 6f 6c 69 63 79 22 3a 22 43 68 72 6f 6d 65 55 41 22 7d 2c 7b 22 64 6f 6d 61 69 6e 22 3a 22 67 6c 69 76 65 32 2e 67 61 6f 64 75 6e 2e 63 6f 6d 22 2c 22 61 70 70 6c 69 65 64 5f 70 6f 6c 69 63 79 22 3a 22 43 68 72 6f 6d 65 55 41 22 7d 2c 7b 22 64 6f 6d 61 69 6e 22 3a 22 69 6e 74 65 72 6c 61 6b 65 70 73 79 63 68 69 61 74 72 69 63 69 6e 74 6f 75 63 68 2e 69 6e 73 79 6e 63 68 63 73 2e 63 6f 6d 22 2c 22 61 70 70 6c 69 65 64 5f 70 6f 6c 69 63 79 22 3a 22 43 68 72 6f 6d 65 55 41 22
                                                                                                                                                                                              Data Ascii: om","applied_policy":"ChromeUAAndClientHints"},{"domain":"www.languageacademy.com.au","applied_policy":"ChromeUA"},{"domain":"glive2.gaodun.com","applied_policy":"ChromeUA"},{"domain":"interlakepsychiatricintouch.insynchcs.com","applied_policy":"ChromeUA"
                                                                                                                                                                                              2024-11-02 13:05:07 UTC16384INData Raw: 22 76 69 64 65 6f 6d 61 72 6b 65 74 2e 64 6d 6d 2e 63 6f 6d 22 2c 22 61 70 70 6c 69 65 64 5f 70 6f 6c 69 63 79 22 3a 22 44 6f 4e 6f 74 4f 76 65 72 72 69 64 65 22 7d 2c 7b 22 64 6f 6d 61 69 6e 22 3a 22 76 6f 64 2e 63 61 6e 61 6c 70 6c 75 73 2e 63 6f 6d 22 2c 22 61 70 70 6c 69 65 64 5f 70 6f 6c 69 63 79 22 3a 22 44 6f 4e 6f 74 4f 76 65 72 72 69 64 65 22 7d 2c 7b 22 64 6f 6d 61 69 6e 22 3a 22 76 6f 64 2e 74 76 70 2e 70 6c 22 2c 22 61 70 70 6c 69 65 64 5f 70 6f 6c 69 63 79 22 3a 22 44 6f 4e 6f 74 4f 76 65 72 72 69 64 65 22 7d 2c 7b 22 64 6f 6d 61 69 6e 22 3a 22 76 6f 79 6f 2e 6d 61 72 6b 69 7a 61 2e 73 6b 22 2c 22 61 70 70 6c 69 65 64 5f 70 6f 6c 69 63 79 22 3a 22 44 6f 4e 6f 74 4f 76 65 72 72 69 64 65 22 7d 2c 7b 22 64 6f 6d 61 69 6e 22 3a 22 76 6f 79 6f 2e
                                                                                                                                                                                              Data Ascii: "videomarket.dmm.com","applied_policy":"DoNotOverride"},{"domain":"vod.canalplus.com","applied_policy":"DoNotOverride"},{"domain":"vod.tvp.pl","applied_policy":"DoNotOverride"},{"domain":"voyo.markiza.sk","applied_policy":"DoNotOverride"},{"domain":"voyo.
                                                                                                                                                                                              2024-11-02 13:05:07 UTC3473INData Raw: 70 6f 6c 69 63 79 22 3a 22 6d 69 6e 5f 6c 61 79 6f 75 74 5f 73 69 7a 65 22 2c 22 64 6f 6d 61 69 6e 22 3a 22 66 6c 69 70 6b 61 72 74 2e 63 6f 6d 22 7d 2c 7b 22 61 70 70 6c 69 65 64 5f 70 6f 6c 69 63 79 22 3a 22 6d 69 6e 5f 6c 61 79 6f 75 74 5f 73 69 7a 65 22 2c 22 64 6f 6d 61 69 6e 22 3a 22 62 62 63 2e 63 6f 6d 22 7d 2c 7b 22 61 70 70 6c 69 65 64 5f 70 6f 6c 69 63 79 22 3a 22 6d 69 6e 5f 6c 61 79 6f 75 74 5f 73 69 7a 65 22 2c 22 64 6f 6d 61 69 6e 22 3a 22 65 73 70 6e 2e 63 6f 6d 22 7d 2c 7b 22 61 70 70 6c 69 65 64 5f 70 6f 6c 69 63 79 22 3a 22 6d 69 6e 5f 6c 61 79 6f 75 74 5f 73 69 7a 65 22 2c 22 64 6f 6d 61 69 6e 22 3a 22 65 62 61 79 2e 2a 22 7d 2c 7b 22 61 70 70 6c 69 65 64 5f 70 6f 6c 69 63 79 22 3a 22 6d 69 6e 5f 6c 61 79 6f 75 74 5f 73 69 7a 65 22 2c
                                                                                                                                                                                              Data Ascii: policy":"min_layout_size","domain":"flipkart.com"},{"applied_policy":"min_layout_size","domain":"bbc.com"},{"applied_policy":"min_layout_size","domain":"espn.com"},{"applied_policy":"min_layout_size","domain":"ebay.*"},{"applied_policy":"min_layout_size",


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              1192.168.2.649715140.82.121.44437096C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              2024-11-02 13:05:07 UTC130OUTGET /ChatGPTNextWeb/ChatGPT-Next-Web/releases/latest/download/latest.json HTTP/1.1
                                                                                                                                                                                              accept: application/json
                                                                                                                                                                                              host: github.com
                                                                                                                                                                                              2024-11-02 13:05:07 UTC538INHTTP/1.1 302 Found
                                                                                                                                                                                              Server: GitHub.com
                                                                                                                                                                                              Date: Sat, 02 Nov 2024 13:05:07 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=utf-8
                                                                                                                                                                                              Vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
                                                                                                                                                                                              Location: https://github.com/ChatGPTNextWeb/ChatGPT-Next-Web/releases/download/v2.15.6/latest.json
                                                                                                                                                                                              Cache-Control: no-cache
                                                                                                                                                                                              Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
                                                                                                                                                                                              X-Frame-Options: deny
                                                                                                                                                                                              X-Content-Type-Options: nosniff
                                                                                                                                                                                              X-XSS-Protection: 0
                                                                                                                                                                                              Referrer-Policy: no-referrer-when-downgrade
                                                                                                                                                                                              2024-11-02 13:05:07 UTC3283INData Raw: 43 6f 6e 74 65 6e 74 2d 53 65 63 75 72 69 74 79 2d 50 6f 6c 69 63 79 3a 20 64 65 66 61 75 6c 74 2d 73 72 63 20 27 6e 6f 6e 65 27 3b 20 62 61 73 65 2d 75 72 69 20 27 73 65 6c 66 27 3b 20 63 68 69 6c 64 2d 73 72 63 20 67 69 74 68 75 62 2e 63 6f 6d 2f 61 73 73 65 74 73 2d 63 64 6e 2f 77 6f 72 6b 65 72 2f 20 67 69 74 68 75 62 2e 63 6f 6d 2f 77 65 62 70 61 63 6b 2f 20 67 69 74 68 75 62 2e 63 6f 6d 2f 61 73 73 65 74 73 2f 20 67 69 73 74 2e 67 69 74 68 75 62 2e 63 6f 6d 2f 61 73 73 65 74 73 2d 63 64 6e 2f 77 6f 72 6b 65 72 2f 3b 20 63 6f 6e 6e 65 63 74 2d 73 72 63 20 27 73 65 6c 66 27 20 75 70 6c 6f 61 64 73 2e 67 69 74 68 75 62 2e 63 6f 6d 20 77 77 77 2e 67 69 74 68 75 62 73 74 61 74 75 73 2e 63 6f 6d 20 63 6f 6c 6c 65 63 74 6f 72 2e 67 69 74 68 75 62 2e 63 6f
                                                                                                                                                                                              Data Ascii: Content-Security-Policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.co
                                                                                                                                                                                              2024-11-02 13:05:07 UTC765INData Raw: 53 65 74 2d 43 6f 6f 6b 69 65 3a 20 5f 67 68 5f 73 65 73 73 3d 43 64 4d 64 39 52 79 73 65 47 33 43 61 25 32 46 34 57 69 48 59 49 38 79 6d 67 77 59 55 6e 6a 56 52 67 69 4b 78 56 73 59 74 4c 25 32 46 61 7a 76 49 66 7a 6e 38 6a 54 67 4b 6b 78 67 34 4b 79 41 31 68 37 73 36 32 65 4d 64 4f 38 58 55 6d 43 32 69 48 4e 6c 72 75 46 45 38 78 4e 49 4d 41 36 32 65 31 46 58 53 49 7a 59 37 5a 75 48 6b 4c 32 47 6c 61 41 5a 55 44 75 78 5a 47 42 32 53 68 4f 4f 48 47 4c 6e 77 31 33 6a 35 5a 65 39 68 6b 59 31 64 74 73 73 76 50 35 37 59 74 4b 33 41 51 48 45 6c 75 44 46 77 68 55 74 75 58 4f 39 43 53 61 7a 4c 44 69 37 39 36 6e 6b 77 44 6f 66 45 34 63 50 62 55 37 6a 67 6c 75 56 34 44 70 74 37 76 62 46 52 36 38 6b 77 36 54 51 6b 4a 32 4b 41 73 6c 70 45 38 55 42 61 4b 32 7a 38 4b
                                                                                                                                                                                              Data Ascii: Set-Cookie: _gh_sess=CdMd9RyseG3Ca%2F4WiHYI8ymgwYUnjVRgiKxVsYtL%2FazvIfzn8jTgKkxg4KyA1h7s62eMdO8XUmC2iHNlruFE8xNIMA62e1FXSIzY7ZuHkL2GlaAZUDuxZGB2ShOOHGLnw13j5Ze9hkY1dtssvP57YtK3AQHEluDFwhUtuXO9CSazLDi796nkwDofE4cPbU7jgluV4Dpt7vbFR68kw6TQkJ2KAslpE8UBaK2z8K


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              2192.168.2.649719140.82.121.44437096C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              2024-11-02 13:05:09 UTC229OUTGET /ChatGPTNextWeb/ChatGPT-Next-Web/releases/download/v2.15.6/latest.json HTTP/1.1
                                                                                                                                                                                              accept: application/json
                                                                                                                                                                                              referer: https://github.com/ChatGPTNextWeb/ChatGPT-Next-Web/releases/latest/download/latest.json
                                                                                                                                                                                              host: github.com
                                                                                                                                                                                              2024-11-02 13:05:09 UTC958INHTTP/1.1 302 Found
                                                                                                                                                                                              Server: GitHub.com
                                                                                                                                                                                              Date: Sat, 02 Nov 2024 13:05:09 GMT
                                                                                                                                                                                              Content-Type: text/html; charset=utf-8
                                                                                                                                                                                              Vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
                                                                                                                                                                                              Location: https://objects.githubusercontent.com/github-production-release-asset-2e65be/612344730/3cd57bbe-8241-4fc6-bd27-bb7c90aaa569?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20241102%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241102T130509Z&X-Amz-Expires=300&X-Amz-Signature=0dbc1a6befe9ce864a6c45309c96b4515fd0136a0d5fa3818b229dac8fa81efc&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3Dlatest.json&response-content-type=application%2Foctet-stream
                                                                                                                                                                                              Cache-Control: no-cache
                                                                                                                                                                                              Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
                                                                                                                                                                                              X-Frame-Options: deny
                                                                                                                                                                                              X-Content-Type-Options: nosniff
                                                                                                                                                                                              X-XSS-Protection: 0
                                                                                                                                                                                              Referrer-Policy: no-referrer-when-downgrade
                                                                                                                                                                                              2024-11-02 13:05:09 UTC3382INData Raw: 43 6f 6e 74 65 6e 74 2d 53 65 63 75 72 69 74 79 2d 50 6f 6c 69 63 79 3a 20 64 65 66 61 75 6c 74 2d 73 72 63 20 27 6e 6f 6e 65 27 3b 20 62 61 73 65 2d 75 72 69 20 27 73 65 6c 66 27 3b 20 63 68 69 6c 64 2d 73 72 63 20 67 69 74 68 75 62 2e 63 6f 6d 2f 61 73 73 65 74 73 2d 63 64 6e 2f 77 6f 72 6b 65 72 2f 20 67 69 74 68 75 62 2e 63 6f 6d 2f 77 65 62 70 61 63 6b 2f 20 67 69 74 68 75 62 2e 63 6f 6d 2f 61 73 73 65 74 73 2f 20 67 69 73 74 2e 67 69 74 68 75 62 2e 63 6f 6d 2f 61 73 73 65 74 73 2d 63 64 6e 2f 77 6f 72 6b 65 72 2f 3b 20 63 6f 6e 6e 65 63 74 2d 73 72 63 20 27 73 65 6c 66 27 20 75 70 6c 6f 61 64 73 2e 67 69 74 68 75 62 2e 63 6f 6d 20 77 77 77 2e 67 69 74 68 75 62 73 74 61 74 75 73 2e 63 6f 6d 20 63 6f 6c 6c 65 63 74 6f 72 2e 67 69 74 68 75 62 2e 63 6f
                                                                                                                                                                                              Data Ascii: Content-Security-Policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ github.com/webpack/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.co


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              3192.168.2.649726185.199.111.1334437096C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              2024-11-02 13:05:10 UTC650OUTGET /github-production-release-asset-2e65be/612344730/3cd57bbe-8241-4fc6-bd27-bb7c90aaa569?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=releaseassetproduction%2F20241102%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20241102T130509Z&X-Amz-Expires=300&X-Amz-Signature=0dbc1a6befe9ce864a6c45309c96b4515fd0136a0d5fa3818b229dac8fa81efc&X-Amz-SignedHeaders=host&response-content-disposition=attachment%3B%20filename%3Dlatest.json&response-content-type=application%2Foctet-stream HTTP/1.1
                                                                                                                                                                                              accept: application/json
                                                                                                                                                                                              referer: https://github.com/ChatGPTNextWeb/ChatGPT-Next-Web/releases/download/v2.15.6/latest.json
                                                                                                                                                                                              host: objects.githubusercontent.com
                                                                                                                                                                                              2024-11-02 13:05:10 UTC840INHTTP/1.1 200 OK
                                                                                                                                                                                              Connection: close
                                                                                                                                                                                              Content-Length: 2489
                                                                                                                                                                                              Content-Type: application/octet-stream
                                                                                                                                                                                              Last-Modified: Thu, 24 Oct 2024 07:51:35 GMT
                                                                                                                                                                                              ETag: "0x8DCF400AF00E12A"
                                                                                                                                                                                              Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
                                                                                                                                                                                              x-ms-request-id: c30f6854-501e-0055-79e9-25f1de000000
                                                                                                                                                                                              x-ms-version: 2024-08-04
                                                                                                                                                                                              x-ms-creation-time: Thu, 24 Oct 2024 07:51:35 GMT
                                                                                                                                                                                              x-ms-blob-content-md5: jfxYVSeXi+6nI7SkhbdwgA==
                                                                                                                                                                                              x-ms-lease-status: unlocked
                                                                                                                                                                                              x-ms-lease-state: available
                                                                                                                                                                                              x-ms-blob-type: BlockBlob
                                                                                                                                                                                              Content-Disposition: attachment; filename=latest.json
                                                                                                                                                                                              x-ms-server-encrypted: true
                                                                                                                                                                                              Via: 1.1 varnish, 1.1 varnish
                                                                                                                                                                                              Fastly-Restarts: 1
                                                                                                                                                                                              Accept-Ranges: bytes
                                                                                                                                                                                              Age: 0
                                                                                                                                                                                              Date: Sat, 02 Nov 2024 13:05:10 GMT
                                                                                                                                                                                              X-Served-By: cache-iad-kjyo7100108-IAD, cache-dfw-kdal2120029-DFW
                                                                                                                                                                                              X-Cache: HIT, HIT
                                                                                                                                                                                              X-Cache-Hits: 16, 0
                                                                                                                                                                                              X-Timer: S1730552711.517076,VS0,VE45
                                                                                                                                                                                              2024-11-02 13:05:10 UTC1378INData Raw: 7b 0a 20 20 22 76 65 72 73 69 6f 6e 22 3a 20 22 32 2e 31 35 2e 36 22 2c 0a 20 20 22 6e 6f 74 65 73 22 3a 20 22 22 2c 0a 20 20 22 70 75 62 5f 64 61 74 65 22 3a 20 22 32 30 32 34 2d 31 30 2d 32 34 54 30 37 3a 35 31 3a 33 34 2e 37 38 39 5a 22 2c 0a 20 20 22 70 6c 61 74 66 6f 72 6d 73 22 3a 20 7b 0a 20 20 20 20 22 6c 69 6e 75 78 2d 78 38 36 5f 36 34 22 3a 20 7b 0a 20 20 20 20 20 20 22 73 69 67 6e 61 74 75 72 65 22 3a 20 22 64 57 35 30 63 6e 56 7a 64 47 56 6b 49 47 4e 76 62 57 31 6c 62 6e 51 36 49 48 4e 70 5a 32 35 68 64 48 56 79 5a 53 42 6d 63 6d 39 74 49 48 52 68 64 58 4a 70 49 48 4e 6c 59 33 4a 6c 64 43 42 72 5a 58 6b 4b 55 6c 56 54 56 57 46 73 4e 43 39 36 62 30 4a 43 4d 33 46 76 61 30 52 53 4e 6d 31 53 51 33 68 50 64 55 6c 44 61 44 42 42 54 45 52 45 52 56
                                                                                                                                                                                              Data Ascii: { "version": "2.15.6", "notes": "", "pub_date": "2024-10-24T07:51:34.789Z", "platforms": { "linux-x86_64": { "signature": "dW50cnVzdGVkIGNvbW1lbnQ6IHNpZ25hdHVyZSBmcm9tIHRhdXJpIHNlY3JldCBrZXkKUlVTVWFsNC96b0JCM3Fva0RSNm1SQ3hPdUlDaDBBTERERV
                                                                                                                                                                                              2024-11-02 13:05:10 UTC1111INData Raw: 53 42 6d 63 6d 39 74 49 48 52 68 64 58 4a 70 49 48 4e 6c 59 33 4a 6c 64 43 42 72 5a 58 6b 4b 55 6c 56 54 56 57 46 73 4e 43 39 36 62 30 4a 43 4d 33 42 61 4f 44 56 31 64 33 5a 4f 55 7a 42 49 4e 45 5a 4a 61 6c 67 76 52 6d 78 33 4e 7a 6c 6a 4d 54 42 54 54 57 77 30 54 55 35 79 54 7a 4e 6a 59 32 31 55 5a 33 52 52 55 45 4a 50 51 54 68 47 55 58 4a 53 61 33 64 5a 63 55 6c 78 55 56 6c 75 57 6e 6f 31 55 54 46 31 62 32 4e 4a 4e 48 5a 44 64 55 56 44 62 45 74 6c 56 45 4a 34 56 6a 52 75 64 6c 46 6a 50 51 70 30 63 6e 56 7a 64 47 56 6b 49 47 4e 76 62 57 31 6c 62 6e 51 36 49 48 52 70 62 57 56 7a 64 47 46 74 63 44 6f 78 4e 7a 49 35 4e 7a 55 31 4f 44 63 34 43 57 5a 70 62 47 55 36 54 6d 56 34 64 45 4e 6f 59 58 51 75 59 58 42 77 4c 6e 52 68 63 69 35 6e 65 67 70 78 59 30 39 79
                                                                                                                                                                                              Data Ascii: SBmcm9tIHRhdXJpIHNlY3JldCBrZXkKUlVTVWFsNC96b0JCM3BaODV1d3ZOUzBINEZJalgvRmx3NzljMTBTTWw0TU5yTzNjY21UZ3RRUEJPQThGUXJSa3dZcUlxUVluWno1UTF1b2NJNHZDdUVDbEtlVEJ4VjRudlFjPQp0cnVzdGVkIGNvbW1lbnQ6IHRpbWVzdGFtcDoxNzI5NzU1ODc4CWZpbGU6TmV4dENoYXQuYXBwLnRhci5negpxY09y


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              4192.168.2.649728162.159.61.34432820C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              2024-11-02 13:05:11 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                              Host: chrome.cloudflare-dns.com
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Content-Length: 128
                                                                                                                                                                                              Accept: application/dns-message
                                                                                                                                                                                              Accept-Language: *
                                                                                                                                                                                              User-Agent: Chrome
                                                                                                                                                                                              Accept-Encoding: identity
                                                                                                                                                                                              Content-Type: application/dns-message
                                                                                                                                                                                              2024-11-02 13:05:11 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                              2024-11-02 13:05:11 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: cloudflare
                                                                                                                                                                                              Date: Sat, 02 Nov 2024 13:05:11 GMT
                                                                                                                                                                                              Content-Type: application/dns-message
                                                                                                                                                                                              Connection: close
                                                                                                                                                                                              Access-Control-Allow-Origin: *
                                                                                                                                                                                              Content-Length: 468
                                                                                                                                                                                              CF-RAY: 8dc455ae19992e76-DFW
                                                                                                                                                                                              alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                              2024-11-02 13:05:11 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 00 bd 00 04 8e fa 71 5e 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii: wwwgstaticcomq^)


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              5192.168.2.649729162.159.61.34432820C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              2024-11-02 13:05:11 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                              Host: chrome.cloudflare-dns.com
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Content-Length: 128
                                                                                                                                                                                              Accept: application/dns-message
                                                                                                                                                                                              Accept-Language: *
                                                                                                                                                                                              User-Agent: Chrome
                                                                                                                                                                                              Accept-Encoding: identity
                                                                                                                                                                                              Content-Type: application/dns-message
                                                                                                                                                                                              2024-11-02 13:05:11 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                              2024-11-02 13:05:11 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: cloudflare
                                                                                                                                                                                              Date: Sat, 02 Nov 2024 13:05:11 GMT
                                                                                                                                                                                              Content-Type: application/dns-message
                                                                                                                                                                                              Connection: close
                                                                                                                                                                                              Access-Control-Allow-Origin: *
                                                                                                                                                                                              Content-Length: 468
                                                                                                                                                                                              CF-RAY: 8dc455ae4f9fe7df-DFW
                                                                                                                                                                                              alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                              2024-11-02 13:05:11 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 00 e9 00 04 8e fa 71 5e 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii: wwwgstaticcomq^)


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              6192.168.2.649743132.145.248.224432820C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              2024-11-02 13:05:14 UTC703OUTGET /https://raw.githubusercontent.com/ChatGPTNextWeb/NextChat-Awesome-Plugins/main/plugins/dalle/openapi.json HTTP/1.1
                                                                                                                                                                                              Host: ghp.ci
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"
                                                                                                                                                                                              sec-ch-ua-mobile: ?0
                                                                                                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                              sec-ch-ua-platform: "Windows"
                                                                                                                                                                                              Accept: */*
                                                                                                                                                                                              Origin: http://tauri.localhost
                                                                                                                                                                                              Sec-Fetch-Site: cross-site
                                                                                                                                                                                              Sec-Fetch-Mode: cors
                                                                                                                                                                                              Sec-Fetch-Dest: empty
                                                                                                                                                                                              Referer: http://tauri.localhost/
                                                                                                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                              Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                              2024-11-02 13:05:14 UTC958INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx
                                                                                                                                                                                              Date: Sat, 02 Nov 2024 13:05:14 GMT
                                                                                                                                                                                              Content-Type: text/plain; charset=utf-8
                                                                                                                                                                                              Content-Length: 1822
                                                                                                                                                                                              Connection: close
                                                                                                                                                                                              Cache-Control: max-age=300
                                                                                                                                                                                              Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
                                                                                                                                                                                              ETag: "8493bccd9d5d1767f1619f562462b34589251c087d177c7cc2a24748db32f035"
                                                                                                                                                                                              Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                              X-Content-Type-Options: nosniff
                                                                                                                                                                                              X-Frame-Options: deny
                                                                                                                                                                                              X-XSS-Protection: 1; mode=block
                                                                                                                                                                                              X-GitHub-Request-Id: DCFA:1F7893:AB843:B2B6B:6726238A
                                                                                                                                                                                              Accept-Ranges: bytes
                                                                                                                                                                                              Via: 1.1 varnish
                                                                                                                                                                                              X-Served-By: cache-fra-etou8220153-FRA
                                                                                                                                                                                              X-Cache: MISS
                                                                                                                                                                                              X-Cache-Hits: 0
                                                                                                                                                                                              X-Timer: S1730552715.665868,VS0,VE94
                                                                                                                                                                                              Vary: Authorization,Accept-Encoding,Origin
                                                                                                                                                                                              Access-Control-Allow-Origin: *
                                                                                                                                                                                              Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                              X-Fastly-Request-ID: b51440ae572236c47e126828d64c41ca75b273bf
                                                                                                                                                                                              Expires: Sat, 02 Nov 2024 13:10:14 GMT
                                                                                                                                                                                              Source-Age: 0
                                                                                                                                                                                              Strict-Transport-Security: max-age=63072000
                                                                                                                                                                                              2024-11-02 13:05:14 UTC1822INData Raw: 7b 0a 20 20 22 6f 70 65 6e 61 70 69 22 3a 20 22 33 2e 31 2e 30 22 2c 0a 20 20 22 69 6e 66 6f 22 3a 20 7b 0a 20 20 20 20 22 74 69 74 6c 65 22 3a 20 22 44 61 6c 6c 65 33 22 2c 0a 20 20 20 20 22 76 65 72 73 69 6f 6e 22 3a 20 22 31 2e 30 2e 30 22 0a 20 20 7d 2c 0a 20 20 22 73 65 72 76 65 72 73 22 3a 20 5b 0a 20 20 20 20 7b 0a 20 20 20 20 20 20 22 75 72 6c 22 3a 20 22 68 74 74 70 73 3a 2f 2f 61 70 69 2e 6f 70 65 6e 61 69 2e 63 6f 6d 22 0a 20 20 20 20 7d 0a 20 20 5d 2c 0a 20 20 22 70 61 74 68 73 22 3a 20 7b 0a 20 20 20 20 22 2f 76 31 2f 69 6d 61 67 65 73 2f 67 65 6e 65 72 61 74 69 6f 6e 73 22 3a 20 7b 0a 20 20 20 20 20 20 22 70 6f 73 74 22 3a 20 7b 0a 20 20 20 20 20 20 20 20 22 6f 70 65 72 61 74 69 6f 6e 49 64 22 3a 20 22 44 61 6c 6c 65 33 22 2c 0a 20 20 20 20
                                                                                                                                                                                              Data Ascii: { "openapi": "3.1.0", "info": { "title": "Dalle3", "version": "1.0.0" }, "servers": [ { "url": "https://api.openai.com" } ], "paths": { "/v1/images/generations": { "post": { "operationId": "Dalle3",


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              7192.168.2.649762142.251.116.1024432820C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              2024-11-02 13:05:16 UTC1192OUTPOST /g/collect?v=2&tid=G-89WN60ZK2E&gtm=45je4au0v9193277674za200&_p=1730552711857&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101878899~101878944~101925629&cid=1485091294.1730552715&ul=en-gb&sr=1280x1024&uaa=x86&uab=64&uafvl=Microsoft%2520Edge%3B117.0.2045.47%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132%7CMicrosoft%2520Edge%2520WebView2%3B117.0.2045.47&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1730552714&sct=1&seg=0&dl=http%3A%2F%2Ftauri.localhost%2F&dt=NextChat&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=8951 HTTP/1.1
                                                                                                                                                                                              Host: www.google-analytics.com
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Content-Length: 0
                                                                                                                                                                                              sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"
                                                                                                                                                                                              sec-ch-ua-mobile: ?0
                                                                                                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                              sec-ch-ua-platform: "Windows"
                                                                                                                                                                                              Accept: */*
                                                                                                                                                                                              Origin: http://tauri.localhost
                                                                                                                                                                                              Sec-Fetch-Site: cross-site
                                                                                                                                                                                              Sec-Fetch-Mode: no-cors
                                                                                                                                                                                              Sec-Fetch-Dest: empty
                                                                                                                                                                                              Referer: http://tauri.localhost/
                                                                                                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                              Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                              2024-11-02 13:05:16 UTC843INHTTP/1.1 204 No Content
                                                                                                                                                                                              Access-Control-Allow-Origin: http://tauri.localhost
                                                                                                                                                                                              Date: Sat, 02 Nov 2024 13:05:16 GMT
                                                                                                                                                                                              Pragma: no-cache
                                                                                                                                                                                              Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                              Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                              Access-Control-Allow-Credentials: true
                                                                                                                                                                                              Content-Type: text/plain
                                                                                                                                                                                              Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                              Content-Security-Policy-Report-Only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
                                                                                                                                                                                              Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to=coop_reporting
                                                                                                                                                                                              Report-To: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
                                                                                                                                                                                              Server: Golfe2
                                                                                                                                                                                              Content-Length: 0
                                                                                                                                                                                              Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                              Connection: close


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              8192.168.2.649763142.251.116.954432820C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              2024-11-02 13:05:16 UTC665OUTGET /css2?family=Noto%20Sans%3Awght%40300%3B400%3B700%3B900&display=swap HTTP/1.1
                                                                                                                                                                                              Host: fonts.googleapis.com
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"
                                                                                                                                                                                              sec-ch-ua-mobile: ?0
                                                                                                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                              sec-ch-ua-platform: "Windows"
                                                                                                                                                                                              Accept: text/css,*/*;q=0.1
                                                                                                                                                                                              Sec-Fetch-Site: cross-site
                                                                                                                                                                                              Sec-Fetch-Mode: no-cors
                                                                                                                                                                                              Sec-Fetch-Dest: style
                                                                                                                                                                                              Referer: http://tauri.localhost/
                                                                                                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                              Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                              2024-11-02 13:05:16 UTC805INHTTP/1.1 200 OK
                                                                                                                                                                                              Content-Type: text/css; charset=utf-8
                                                                                                                                                                                              Access-Control-Allow-Origin: *
                                                                                                                                                                                              Timing-Allow-Origin: *
                                                                                                                                                                                              Link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
                                                                                                                                                                                              Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                              Expires: Sat, 02 Nov 2024 13:05:16 GMT
                                                                                                                                                                                              Date: Sat, 02 Nov 2024 13:05:16 GMT
                                                                                                                                                                                              Cache-Control: private, max-age=86400, stale-while-revalidate=604800
                                                                                                                                                                                              Last-Modified: Sat, 02 Nov 2024 13:05:16 GMT
                                                                                                                                                                                              Cross-Origin-Opener-Policy: same-origin-allow-popups
                                                                                                                                                                                              Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                              Server: ESF
                                                                                                                                                                                              X-XSS-Protection: 0
                                                                                                                                                                                              X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                              X-Content-Type-Options: nosniff
                                                                                                                                                                                              Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                              Accept-Ranges: none
                                                                                                                                                                                              Vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site,Accept-Encoding
                                                                                                                                                                                              Connection: close
                                                                                                                                                                                              Transfer-Encoding: chunked
                                                                                                                                                                                              2024-11-02 13:05:16 UTC573INData Raw: 33 30 38 38 0d 0a 2f 2a 20 63 79 72 69 6c 6c 69 63 2d 65 78 74 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 4e 6f 74 6f 20 53 61 6e 73 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 66 6f 6e 74 2d 73 74 72 65 74 63 68 3a 20 31 30 30 25 3b 0a 20 20 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 20 73 77 61 70 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 6e 6f 74 6f 73 61 6e 73 2f 76 33 36 2f 6f 2d 30 62 49 70 51 6c 78 33 51 55 6c 43 35 41 34 50 4e 42 36 52 79 74 69 32 30 5f 36 6e 31 69 50 48 6a 63 35 61 50 64 75 32 75 69 2e 77 6f 66 66 32 29
                                                                                                                                                                                              Data Ascii: 3088/* cyrillic-ext */@font-face { font-family: 'Noto Sans'; font-style: normal; font-weight: 300; font-stretch: 100%; font-display: swap; src: url(https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5aPdu2ui.woff2)
                                                                                                                                                                                              2024-11-02 13:05:16 UTC1378INData Raw: 35 41 34 50 4e 42 36 52 79 74 69 32 30 5f 36 6e 31 69 50 48 6a 63 35 61 72 64 75 32 75 69 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 30 33 30 31 2c 20 55 2b 30 34 30 30 2d 30 34 35 46 2c 20 55 2b 30 34 39 30 2d 30 34 39 31 2c 20 55 2b 30 34 42 30 2d 30 34 42 31 2c 20 55 2b 32 31 31 36 3b 0a 7d 0a 2f 2a 20 64 65 76 61 6e 61 67 61 72 69 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 4e 6f 74 6f 20 53 61 6e 73 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 33 30 30 3b 0a 20 20 66 6f 6e 74 2d 73 74 72 65 74 63 68 3a 20 31 30 30 25 3b 0a 20 20 66 6f
                                                                                                                                                                                              Data Ascii: 5A4PNB6Ryti20_6n1iPHjc5ardu2ui.woff2) format('woff2'); unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;}/* devanagari */@font-face { font-family: 'Noto Sans'; font-style: normal; font-weight: 300; font-stretch: 100%; fo
                                                                                                                                                                                              2024-11-02 13:05:16 UTC1378INData Raw: 33 51 55 6c 43 35 41 34 50 4e 42 36 52 79 74 69 32 30 5f 36 6e 31 69 50 48 6a 63 35 61 48 64 75 32 75 69 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 30 31 30 32 2d 30 31 30 33 2c 20 55 2b 30 31 31 30 2d 30 31 31 31 2c 20 55 2b 30 31 32 38 2d 30 31 32 39 2c 20 55 2b 30 31 36 38 2d 30 31 36 39 2c 20 55 2b 30 31 41 30 2d 30 31 41 31 2c 20 55 2b 30 31 41 46 2d 30 31 42 30 2c 20 55 2b 30 33 30 30 2d 30 33 30 31 2c 20 55 2b 30 33 30 33 2d 30 33 30 34 2c 20 55 2b 30 33 30 38 2d 30 33 30 39 2c 20 55 2b 30 33 32 33 2c 20 55 2b 30 33 32 39 2c 20 55 2b 31 45 41 30 2d 31 45 46 39 2c 20 55 2b 32 30 41 42 3b 0a 7d 0a 2f 2a 20 6c 61 74 69 6e 2d 65 78 74 20 2a 2f 0a 40 66 6f 6e 74 2d
                                                                                                                                                                                              Data Ascii: 3QUlC5A4PNB6Ryti20_6n1iPHjc5aHdu2ui.woff2) format('woff2'); unicode-range: U+0102-0103, U+0110-0111, U+0128-0129, U+0168-0169, U+01A0-01A1, U+01AF-01B0, U+0300-0301, U+0303-0304, U+0308-0309, U+0323, U+0329, U+1EA0-1EF9, U+20AB;}/* latin-ext */@font-
                                                                                                                                                                                              2024-11-02 13:05:16 UTC1378INData Raw: 42 36 52 79 74 69 32 30 5f 36 6e 31 69 50 48 6a 63 35 61 50 64 75 32 75 69 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 30 34 36 30 2d 30 35 32 46 2c 20 55 2b 31 43 38 30 2d 31 43 38 41 2c 20 55 2b 32 30 42 34 2c 20 55 2b 32 44 45 30 2d 32 44 46 46 2c 20 55 2b 41 36 34 30 2d 41 36 39 46 2c 20 55 2b 46 45 32 45 2d 46 45 32 46 3b 0a 7d 0a 2f 2a 20 63 79 72 69 6c 6c 69 63 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 4e 6f 74 6f 20 53 61 6e 73 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 34 30 30 3b 0a 20 20 66 6f 6e 74 2d 73 74 72 65 74 63 68 3a
                                                                                                                                                                                              Data Ascii: B6Ryti20_6n1iPHjc5aPdu2ui.woff2) format('woff2'); unicode-range: U+0460-052F, U+1C80-1C8A, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;}/* cyrillic */@font-face { font-family: 'Noto Sans'; font-style: normal; font-weight: 400; font-stretch:
                                                                                                                                                                                              2024-11-02 13:05:16 UTC1378INData Raw: 34 50 4e 42 36 52 79 74 69 32 30 5f 36 6e 31 69 50 48 6a 63 35 61 33 64 75 32 75 69 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 30 33 37 30 2d 30 33 37 37 2c 20 55 2b 30 33 37 41 2d 30 33 37 46 2c 20 55 2b 30 33 38 34 2d 30 33 38 41 2c 20 55 2b 30 33 38 43 2c 20 55 2b 30 33 38 45 2d 30 33 41 31 2c 20 55 2b 30 33 41 33 2d 30 33 46 46 3b 0a 7d 0a 2f 2a 20 76 69 65 74 6e 61 6d 65 73 65 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 4e 6f 74 6f 20 53 61 6e 73 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 34 30 30 3b 0a 20 20 66 6f 6e 74 2d 73 74 72
                                                                                                                                                                                              Data Ascii: 4PNB6Ryti20_6n1iPHjc5a3du2ui.woff2) format('woff2'); unicode-range: U+0370-0377, U+037A-037F, U+0384-038A, U+038C, U+038E-03A1, U+03A3-03FF;}/* vietnamese */@font-face { font-family: 'Noto Sans'; font-style: normal; font-weight: 400; font-str
                                                                                                                                                                                              2024-11-02 13:05:16 UTC1378INData Raw: 30 32 42 43 2c 20 55 2b 30 32 43 36 2c 20 55 2b 30 32 44 41 2c 20 55 2b 30 32 44 43 2c 20 55 2b 30 33 30 34 2c 20 55 2b 30 33 30 38 2c 20 55 2b 30 33 32 39 2c 20 55 2b 32 30 30 30 2d 32 30 36 46 2c 20 55 2b 32 30 41 43 2c 20 55 2b 32 31 32 32 2c 20 55 2b 32 31 39 31 2c 20 55 2b 32 31 39 33 2c 20 55 2b 32 32 31 32 2c 20 55 2b 32 32 31 35 2c 20 55 2b 46 45 46 46 2c 20 55 2b 46 46 46 44 3b 0a 7d 0a 2f 2a 20 63 79 72 69 6c 6c 69 63 2d 65 78 74 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 4e 6f 74 6f 20 53 61 6e 73 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 37 30 30 3b 0a 20 20 66 6f 6e 74 2d 73 74 72 65 74 63 68 3a 20 31 30 30 25
                                                                                                                                                                                              Data Ascii: 02BC, U+02C6, U+02DA, U+02DC, U+0304, U+0308, U+0329, U+2000-206F, U+20AC, U+2122, U+2191, U+2193, U+2212, U+2215, U+FEFF, U+FFFD;}/* cyrillic-ext */@font-face { font-family: 'Noto Sans'; font-style: normal; font-weight: 700; font-stretch: 100%
                                                                                                                                                                                              2024-11-02 13:05:16 UTC1378INData Raw: 28 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 6e 6f 74 6f 73 61 6e 73 2f 76 33 36 2f 6f 2d 30 62 49 70 51 6c 78 33 51 55 6c 43 35 41 34 50 4e 42 36 52 79 74 69 32 30 5f 36 6e 31 69 50 48 6a 63 35 61 4c 64 75 32 75 69 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 31 46 30 30 2d 31 46 46 46 3b 0a 7d 0a 2f 2a 20 67 72 65 65 6b 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 4e 6f 74 6f 20 53 61 6e 73 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 37 30 30 3b 0a 20 20 66 6f 6e 74 2d 73 74 72 65 74 63 68 3a 20 31
                                                                                                                                                                                              Data Ascii: (https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5aLdu2ui.woff2) format('woff2'); unicode-range: U+1F00-1FFF;}/* greek */@font-face { font-family: 'Noto Sans'; font-style: normal; font-weight: 700; font-stretch: 1
                                                                                                                                                                                              2024-11-02 13:05:16 UTC1378INData Raw: 32 31 31 33 2c 20 55 2b 32 43 36 30 2d 32 43 37 46 2c 20 55 2b 41 37 32 30 2d 41 37 46 46 3b 0a 7d 0a 2f 2a 20 6c 61 74 69 6e 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 4e 6f 74 6f 20 53 61 6e 73 27 3b 0a 20 20 66 6f 6e 74 2d 73 74 79 6c 65 3a 20 6e 6f 72 6d 61 6c 3b 0a 20 20 66 6f 6e 74 2d 77 65 69 67 68 74 3a 20 37 30 30 3b 0a 20 20 66 6f 6e 74 2d 73 74 72 65 74 63 68 3a 20 31 30 30 25 3b 0a 20 20 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 20 73 77 61 70 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 6e 6f 74 6f 73 61 6e 73 2f 76 33 36 2f 6f 2d 30 62 49 70 51 6c 78 33 51 55 6c 43 35 41 34 50 4e 42 36 52 79 74 69 32 30 5f 36 6e
                                                                                                                                                                                              Data Ascii: 2113, U+2C60-2C7F, U+A720-A7FF;}/* latin */@font-face { font-family: 'Noto Sans'; font-style: normal; font-weight: 700; font-stretch: 100%; font-display: swap; src: url(https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n
                                                                                                                                                                                              2024-11-02 13:05:16 UTC1378INData Raw: 62 49 70 51 6c 78 33 51 55 6c 43 35 41 34 50 4e 42 36 52 79 74 69 32 30 5f 36 6e 31 69 50 48 6a 63 35 61 5f 64 75 32 75 69 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 30 39 30 30 2d 30 39 37 46 2c 20 55 2b 31 43 44 30 2d 31 43 46 39 2c 20 55 2b 32 30 30 43 2d 32 30 30 44 2c 20 55 2b 32 30 41 38 2c 20 55 2b 32 30 42 39 2c 20 55 2b 32 30 46 30 2c 20 55 2b 32 35 43 43 2c 20 55 2b 41 38 33 30 2d 41 38 33 39 2c 20 55 2b 41 38 45 30 2d 41 38 46 46 2c 20 55 2b 31 31 42 30 30 2d 31 31 42 30 39 3b 0a 7d 0a 2f 2a 20 67 72 65 65 6b 2d 65 78 74 20 2a 2f 0a 40 66 6f 6e 74 2d 66 61 63 65 20 7b 0a 20 20 66 6f 6e 74 2d 66 61 6d 69 6c 79 3a 20 27 4e 6f 74 6f 20 53 61 6e 73 27 3b 0a 20
                                                                                                                                                                                              Data Ascii: bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a_du2ui.woff2) format('woff2'); unicode-range: U+0900-097F, U+1CD0-1CF9, U+200C-200D, U+20A8, U+20B9, U+20F0, U+25CC, U+A830-A839, U+A8E0-A8FF, U+11B00-11B09;}/* greek-ext */@font-face { font-family: 'Noto Sans';
                                                                                                                                                                                              2024-11-02 13:05:16 UTC835INData Raw: 30 30 3b 0a 20 20 66 6f 6e 74 2d 73 74 72 65 74 63 68 3a 20 31 30 30 25 3b 0a 20 20 66 6f 6e 74 2d 64 69 73 70 6c 61 79 3a 20 73 77 61 70 3b 0a 20 20 73 72 63 3a 20 75 72 6c 28 68 74 74 70 73 3a 2f 2f 66 6f 6e 74 73 2e 67 73 74 61 74 69 63 2e 63 6f 6d 2f 73 2f 6e 6f 74 6f 73 61 6e 73 2f 76 33 36 2f 6f 2d 30 62 49 70 51 6c 78 33 51 55 6c 43 35 41 34 50 4e 42 36 52 79 74 69 32 30 5f 36 6e 31 69 50 48 6a 63 35 61 44 64 75 32 75 69 2e 77 6f 66 66 32 29 20 66 6f 72 6d 61 74 28 27 77 6f 66 66 32 27 29 3b 0a 20 20 75 6e 69 63 6f 64 65 2d 72 61 6e 67 65 3a 20 55 2b 30 31 30 30 2d 30 32 42 41 2c 20 55 2b 30 32 42 44 2d 30 32 43 35 2c 20 55 2b 30 32 43 37 2d 30 32 43 43 2c 20 55 2b 30 32 43 45 2d 30 32 44 37 2c 20 55 2b 30 32 44 44 2d 30 32 46 46 2c 20 55 2b 30 33
                                                                                                                                                                                              Data Ascii: 00; font-stretch: 100%; font-display: swap; src: url(https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5aDdu2ui.woff2) format('woff2'); unicode-range: U+0100-02BA, U+02BD-02C5, U+02C7-02CC, U+02CE-02D7, U+02DD-02FF, U+03


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              9192.168.2.649755132.145.248.224432820C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              2024-11-02 13:05:16 UTC709OUTGET /https://raw.githubusercontent.com/ChatGPTNextWeb/NextChat-Awesome-Plugins/main/plugins/arxivsearch/openapi.json HTTP/1.1
                                                                                                                                                                                              Host: ghp.ci
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"
                                                                                                                                                                                              sec-ch-ua-mobile: ?0
                                                                                                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                              sec-ch-ua-platform: "Windows"
                                                                                                                                                                                              Accept: */*
                                                                                                                                                                                              Origin: http://tauri.localhost
                                                                                                                                                                                              Sec-Fetch-Site: cross-site
                                                                                                                                                                                              Sec-Fetch-Mode: cors
                                                                                                                                                                                              Sec-Fetch-Dest: empty
                                                                                                                                                                                              Referer: http://tauri.localhost/
                                                                                                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                              Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                              2024-11-02 13:05:16 UTC963INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx
                                                                                                                                                                                              Date: Sat, 02 Nov 2024 13:05:16 GMT
                                                                                                                                                                                              Content-Type: text/plain; charset=utf-8
                                                                                                                                                                                              Content-Length: 1714
                                                                                                                                                                                              Connection: close
                                                                                                                                                                                              Cache-Control: max-age=300
                                                                                                                                                                                              Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
                                                                                                                                                                                              ETag: "a7490c5ceb32159b3e2f359827728abb8fd49541594854c71513de57871115c5"
                                                                                                                                                                                              Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                              X-Content-Type-Options: nosniff
                                                                                                                                                                                              X-Frame-Options: deny
                                                                                                                                                                                              X-XSS-Protection: 1; mode=block
                                                                                                                                                                                              X-GitHub-Request-Id: DE8A:255C0E:3B1338F:3DB82FB:6726238C
                                                                                                                                                                                              Accept-Ranges: bytes
                                                                                                                                                                                              Via: 1.1 varnish
                                                                                                                                                                                              X-Served-By: cache-fra-etou8220145-FRA
                                                                                                                                                                                              X-Cache: MISS
                                                                                                                                                                                              X-Cache-Hits: 0
                                                                                                                                                                                              X-Timer: S1730552717.577324,VS0,VE136
                                                                                                                                                                                              Vary: Authorization,Accept-Encoding,Origin
                                                                                                                                                                                              Access-Control-Allow-Origin: *
                                                                                                                                                                                              Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                              X-Fastly-Request-ID: edd554f91c24f8da2ba2f4de9df38d91bf80526d
                                                                                                                                                                                              Expires: Sat, 02 Nov 2024 13:10:16 GMT
                                                                                                                                                                                              Source-Age: 0
                                                                                                                                                                                              Strict-Transport-Security: max-age=63072000
                                                                                                                                                                                              2024-11-02 13:05:16 UTC1714INData Raw: 7b 0a 20 20 22 6f 70 65 6e 61 70 69 22 3a 20 22 33 2e 31 2e 30 22 2c 0a 20 20 22 69 6e 66 6f 22 3a 20 7b 0a 20 20 20 20 22 74 69 74 6c 65 22 3a 20 22 61 72 78 69 76 20 73 65 61 72 63 68 22 2c 0a 20 20 20 20 22 64 65 73 63 72 69 70 74 69 6f 6e 22 3a 20 22 52 75 6e 20 41 72 78 69 76 20 73 65 61 72 63 68 20 61 6e 64 20 67 65 74 20 74 68 65 20 61 72 74 69 63 6c 65 20 69 6e 66 6f 72 6d 61 74 69 6f 6e 2e 22 2c 0a 20 20 20 20 22 76 65 72 73 69 6f 6e 22 3a 20 22 76 31 2e 30 2e 30 22 0a 20 20 7d 2c 0a 20 20 22 73 65 72 76 65 72 73 22 3a 20 5b 0a 20 20 20 20 7b 0a 20 20 20 20 20 20 22 75 72 6c 22 3a 20 22 68 74 74 70 73 3a 2f 2f 65 78 70 6f 72 74 2e 61 72 78 69 76 2e 6f 72 67 22 0a 20 20 20 20 7d 0a 20 20 5d 2c 0a 20 20 22 70 61 74 68 73 22 3a 20 7b 0a 20 20 20 20
                                                                                                                                                                                              Data Ascii: { "openapi": "3.1.0", "info": { "title": "arxiv search", "description": "Run Arxiv search and get the article information.", "version": "v1.0.0" }, "servers": [ { "url": "https://export.arxiv.org" } ], "paths": {


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              10192.168.2.649754132.145.248.224432820C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              2024-11-02 13:05:16 UTC712OUTGET /https://raw.githubusercontent.com/ChatGPTNextWeb/NextChat-Awesome-Plugins/main/plugins/duckduckgolite/openapi.json HTTP/1.1
                                                                                                                                                                                              Host: ghp.ci
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"
                                                                                                                                                                                              sec-ch-ua-mobile: ?0
                                                                                                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                              sec-ch-ua-platform: "Windows"
                                                                                                                                                                                              Accept: */*
                                                                                                                                                                                              Origin: http://tauri.localhost
                                                                                                                                                                                              Sec-Fetch-Site: cross-site
                                                                                                                                                                                              Sec-Fetch-Mode: cors
                                                                                                                                                                                              Sec-Fetch-Dest: empty
                                                                                                                                                                                              Referer: http://tauri.localhost/
                                                                                                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                              Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                              2024-11-02 13:05:16 UTC962INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: nginx
                                                                                                                                                                                              Date: Sat, 02 Nov 2024 13:05:16 GMT
                                                                                                                                                                                              Content-Type: text/plain; charset=utf-8
                                                                                                                                                                                              Content-Length: 1933
                                                                                                                                                                                              Connection: close
                                                                                                                                                                                              Cache-Control: max-age=300
                                                                                                                                                                                              Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
                                                                                                                                                                                              ETag: "20c2697b93f237b9ebb57373d4e8b5e05cba27eef921c542669e0702d6dca224"
                                                                                                                                                                                              Strict-Transport-Security: max-age=31536000
                                                                                                                                                                                              X-Content-Type-Options: nosniff
                                                                                                                                                                                              X-Frame-Options: deny
                                                                                                                                                                                              X-XSS-Protection: 1; mode=block
                                                                                                                                                                                              X-GitHub-Request-Id: B9D5:36AFFE:36D1A39:3949781:6726238B
                                                                                                                                                                                              Accept-Ranges: bytes
                                                                                                                                                                                              Via: 1.1 varnish
                                                                                                                                                                                              X-Served-By: cache-fra-eddf8230126-FRA
                                                                                                                                                                                              X-Cache: MISS
                                                                                                                                                                                              X-Cache-Hits: 0
                                                                                                                                                                                              X-Timer: S1730552717.644676,VS0,VE89
                                                                                                                                                                                              Vary: Authorization,Accept-Encoding,Origin
                                                                                                                                                                                              Access-Control-Allow-Origin: *
                                                                                                                                                                                              Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                              X-Fastly-Request-ID: 78ff76181d56e0d761f511568ede9fa42722848a
                                                                                                                                                                                              Expires: Sat, 02 Nov 2024 13:10:16 GMT
                                                                                                                                                                                              Source-Age: 0
                                                                                                                                                                                              Strict-Transport-Security: max-age=63072000
                                                                                                                                                                                              2024-11-02 13:05:16 UTC1933INData Raw: 7b 0a 20 20 22 6f 70 65 6e 61 70 69 22 3a 20 22 33 2e 31 2e 30 22 2c 0a 20 20 22 69 6e 66 6f 22 3a 20 7b 0a 20 20 20 20 22 74 69 74 6c 65 22 3a 20 22 64 75 63 6b 64 75 63 6b 67 6f 20 6c 69 74 65 22 2c 0a 20 20 20 20 22 64 65 73 63 72 69 70 74 69 6f 6e 22 3a 20 22 61 20 73 65 61 72 63 68 20 65 6e 67 69 6e 65 2e 20 75 73 65 66 75 6c 20 66 6f 72 20 77 68 65 6e 20 79 6f 75 20 6e 65 65 64 20 74 6f 20 61 6e 73 77 65 72 20 71 75 65 73 74 69 6f 6e 73 20 61 62 6f 75 74 20 63 75 72 72 65 6e 74 20 65 76 65 6e 74 73 2e 20 69 6e 70 75 74 20 73 68 6f 75 6c 64 20 62 65 20 61 20 73 65 61 72 63 68 20 71 75 65 72 79 2e 22 2c 0a 20 20 20 20 22 76 65 72 73 69 6f 6e 22 3a 20 22 76 31 2e 30 2e 30 22 0a 20 20 7d 2c 0a 20 20 22 73 65 72 76 65 72 73 22 3a 20 5b 0a 20 20 20 20 7b
                                                                                                                                                                                              Data Ascii: { "openapi": "3.1.0", "info": { "title": "duckduckgo lite", "description": "a search user. useful for when you need to answer questions about current events. input should be a search query.", "version": "v1.0.0" }, "servers": [ {


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              11192.168.2.649768142.250.138.944432820C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              2024-11-02 13:05:17 UTC677OUTGET /s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2 HTTP/1.1
                                                                                                                                                                                              Host: fonts.gstatic.com
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117", "Microsoft Edge WebView2";v="117"
                                                                                                                                                                                              Origin: http://tauri.localhost
                                                                                                                                                                                              sec-ch-ua-mobile: ?0
                                                                                                                                                                                              User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.47
                                                                                                                                                                                              sec-ch-ua-platform: "Windows"
                                                                                                                                                                                              Accept: */*
                                                                                                                                                                                              Sec-Fetch-Site: cross-site
                                                                                                                                                                                              Sec-Fetch-Mode: cors
                                                                                                                                                                                              Sec-Fetch-Dest: font
                                                                                                                                                                                              Referer: https://fonts.googleapis.com/
                                                                                                                                                                                              Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                              Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                              2024-11-02 13:05:17 UTC835INHTTP/1.1 200 OK
                                                                                                                                                                                              Accept-Ranges: bytes
                                                                                                                                                                                              Access-Control-Allow-Origin: *
                                                                                                                                                                                              Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
                                                                                                                                                                                              Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                              Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
                                                                                                                                                                                              Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
                                                                                                                                                                                              Timing-Allow-Origin: *
                                                                                                                                                                                              Content-Length: 39412
                                                                                                                                                                                              X-Content-Type-Options: nosniff
                                                                                                                                                                                              Server: sffe
                                                                                                                                                                                              X-XSS-Protection: 0
                                                                                                                                                                                              Date: Sat, 02 Nov 2024 01:05:10 GMT
                                                                                                                                                                                              Expires: Sun, 02 Nov 2025 01:05:10 GMT
                                                                                                                                                                                              Cache-Control: public, max-age=31536000
                                                                                                                                                                                              Last-Modified: Wed, 14 Feb 2024 22:43:09 GMT
                                                                                                                                                                                              Content-Type: font/woff2
                                                                                                                                                                                              Age: 43207
                                                                                                                                                                                              Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                              Connection: close
                                                                                                                                                                                              2024-11-02 13:05:17 UTC543INData Raw: 77 4f 46 32 00 01 00 00 00 00 99 f4 00 15 00 00 00 01 1b d8 00 00 99 7d 00 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 1a 86 44 1b bc 20 1c 86 5e 3f 48 56 41 52 88 22 3f 4d 56 41 52 50 06 60 3f 53 54 41 54 81 4e 27 2e 00 82 34 2f 6c 11 08 0a 81 89 2c ec 0f 0b 84 34 00 30 82 b4 70 01 36 02 24 03 88 64 04 20 05 86 4a 07 89 36 0c 07 5b 9b 09 51 22 9b 3b 62 33 b7 89 00 70 b2 d9 56 65 9c a9 82 6d d3 e2 76 b7 aa 51 a2 01 4b 09 3b f6 14 6e 07 85 92 cc 11 d9 ff 9f 92 54 64 cc a4 68 d2 76 1b 03 d1 3f 94 33 0b 2a ca aa 2e 27 4a ae 0c 72 cc 1e 4d dd ab cf 31 30 9c 98 4e 45 ae 8e 92 14 ec d3 87 4b 71 29 ec 69 4a 5d b0 61 9a 4e 6c 51 de 22 8b fc a1 14 b9 e9 14 c6 81 5c a1 4e 5e 82 84 85 95 87 1e 5c 91 de ed fb b0 58 bc c4 5b 47 7f 2c be c8 7e
                                                                                                                                                                                              Data Ascii: wOF2}D ^?HVAR"?MVARP`?STATN'.4/l,40p6$d J6[Q";b3pVemvQK;nTdhv?3*.'JrM10NEKq)iJ]aNlQ"\N^\X[G,~
                                                                                                                                                                                              2024-11-02 13:05:17 UTC1378INData Raw: f6 b1 fe a2 ff ce d6 e6 9e a8 fb a2 06 6e 0f 00 b3 9b b0 63 14 0e f1 fd bf 5b fe 0c 81 ed 39 33 49 cd a8 8a dc e4 42 b2 8f 2c b5 6c 9b 67 5e 4b 7e e1 77 45 9c ad 03 5b 11 03 a6 72 5a ff 9d f0 60 06 e9 01 d2 e9 23 1d ae bf fe e5 e6 d1 6c cd fd 03 f2 02 25 71 62 20 d9 22 5b 84 2d 68 01 59 b2 65 3b f6 91 ae a4 aa 81 d5 a2 01 5a 36 1f 10 44 77 cf e9 73 94 8d 64 fb 39 c8 39 fa ec 88 c0 bc 60 da dd 21 8d b0 bb ac fe 21 28 9d 79 27 4b 06 0c 11 76 99 54 69 9b f5 29 5c 34 e1 a2 43 2c 4d fc c0 20 99 34 bc 4d ad 7f c2 01 7c 03 84 92 46 60 5b b6 e5 24 7b c0 54 dd ef a8 53 26 fb b1 28 7f d1 03 b5 07 88 4b 21 87 c0 40 26 0e 9b b9 ce 5c d2 fe d8 13 85 42 39 1a 10 80 40 e0 e0 9c 0a e3 ee 74 2f 7c 91 c7 94 32 07 10 61 77 f5 24 90 20 48 3c d0 41 0a 81 16 06 65 00 c0 c3 5f
                                                                                                                                                                                              Data Ascii: nc[93IB,lg^K~wE[rZ`#l%qb "[-hYe;Z6Dwsd99`!!(y'KvTi)\4C,M 4M|F`[${TS&(K!@&\B9@t/|2aw$ H<Ae_
                                                                                                                                                                                              2024-11-02 13:05:17 UTC1378INData Raw: 74 d1 bf ef 61 25 46 de 9e ec c4 78 68 50 49 f9 94 49 f1 49 f8 fb c4 30 fc 4f 2e eb dd ee 00 48 62 d0 0e 70 04 16 80 25 ca 0e 70 74 9d 31 1d 43 d0 fe d4 f8 e9 df 53 d7 93 30 7e 5e 78 7e 7f af d7 49 4b 3b 53 1c 05 c4 a3 d0 52 4b a1 f1 24 38 e9 c2 b9 b3 a7 25 43 61 db b6 af 0d 1e 80 d9 65 00 b4 ff 06 9f 05 65 d9 5f b8 2a 1a c1 96 9e f5 56 9a b6 15 6a 17 4d 25 ee 64 fd 2f 44 13 0a 4c ce 01 e6 e6 5d 1c 90 dd a1 b8 02 67 e0 08 ec 51 ba 85 26 62 a2 20 36 5c 38 7c 77 13 d6 38 69 56 55 63 5e 9a a6 93 8a 55 df a1 e3 d4 82 a5 0e 59 26 7d 41 b3 c7 75 a8 2c 43 1f 25 84 23 ad d5 01 19 31 12 09 56 76 dd 71 44 f8 f6 e9 94 c1 1c 7a 95 cc c9 d0 ce 51 c9 7c 31 e4 37 70 75 24 58 6a 59 4b 2e 93 1b bd ae 6e 7d bc db 97 2b 96 2f 93 7e 73 d5 09 00 8c 26 63 7b 85 ac c9 8b 50 c6
                                                                                                                                                                                              Data Ascii: ta%FxhPIII0O.Hbp%pt1CS0~^x~IK;SRK$8%Caee_*VjM%d/DL]gQ&b 6\8|w8iVUc^UY&}Au,C%#1VvqDzQ|17pu$XjYK.n}+/~s&c{P
                                                                                                                                                                                              2024-11-02 13:05:17 UTC1378INData Raw: 9a 9c 42 52 53 a0 e9 1c 1c 5d 86 2c ae 3b 4b 6c 01 ea 74 22 f2 90 61 f8 f0 39 52 52 3a 4b 22 99 41 73 c3 81 eb 7d d4 4a 6c 1f 3c 8d 24 a6 31 d8 b5 cc 27 97 60 25 8b 84 a0 56 9c 65 53 6a f3 09 25 10 31 5d 51 16 a8 3d 22 d0 58 c6 6b 0a 4b a5 a1 47 30 09 99 a1 48 6f dc f7 61 58 96 bf fb 4d 3b 00 3c 52 64 c8 f1 44 d7 37 ea 93 67 9b d7 2c 4e 00 cd ef d3 c1 b7 4a d3 c2 29 71 c5 c5 40 c8 00 f5 79 06 05 7d c6 73 ff 2d 7c 59 0d 56 65 ce c6 7d 73 da 75 2d 92 39 fc 32 4f d6 b3 65 03 7d 76 bd 90 59 c6 ac 90 7d ea 2b 80 1a 5b 88 f3 33 90 f0 1b d1 e0 5b 46 43 76 11 a6 18 1e ce 67 0b 1b 9a 9f 2f e2 b0 78 37 dd 72 c7 5d 84 08 8b 45 f0 78 84 9c 1c 52 52 42 b7 06 4b dc b6 e8 ae 25 ee 59 f4 20 c1 12 e1 66 f9 e0 e6 a4 9e bd 5f 21 81 60 83 7c 04 0b 19 01 57 6a 8c 82 7e a3 70
                                                                                                                                                                                              Data Ascii: BRS],;Klt"a9RR:K"As}Jl<$1'`%VeSj%1]Q="XkKG0HoaXM;<RdD7g,NJ)q@y}s-|YVe}su-92Oe}vY}+[3[FCvg/x7r]ExRRBK%Y f_!`|Wj~p
                                                                                                                                                                                              2024-11-02 13:05:17 UTC1378INData Raw: 75 fa d3 03 c8 d3 ae f3 1a ae a0 c4 c2 2b 0f fe 4e 1e fb 6c b4 d4 44 ee 74 d3 4d 78 0d 19 70 03 00 b3 0d 57 15 ce 8c 6e ad 65 4e 45 e2 7b b4 71 be d9 68 5f 0f 8d f0 13 15 c1 fa a3 f5 67 8b 30 c3 bc 35 ae 0a 20 f6 57 f2 3d 36 4f 9f e7 b5 b3 ce b7 84 2a 52 db a3 e2 fb 54 90 3d 94 4f b6 dd a1 d8 0f eb 11 aa a3 c3 a1 1c 38 ed 69 d9 15 2e 6f 9f 5d f5 4c 8d cf 41 fb 1b bc 50 b3 ae da 40 aa 6a 5b 19 17 10 e3 32 dc b7 43 a8 ef e2 60 1c 4e f9 2a d8 08 e9 d1 b8 28 03 ec 3c 13 80 6e 93 43 c6 8c 2f c0 3e 83 cd b8 13 00 9b ae 3e 95 4c 7c 94 5e 51 10 8d 09 3c 13 c8 0e df bc 2d 34 0d 6e 05 b0 97 cd ed 66 4a 0f ff 73 c8 59 2b ec c2 4c 6f 74 6a c0 d8 a4 65 ed 04 df 33 9b 7f 1e d7 5c b6 c8 61 b7 1c f0 c2 45 4f 1c b5 cc 3e 4b dc b6 c0 62 17 9c 9a bf da 0e cf ad 72 c3 11 cd
                                                                                                                                                                                              Data Ascii: u+NlDtMxpWneNE{qh_g05 W=6O*RT=O8i.o]LAP@j[2C`N*(<nC/>>L|^Q<-4nfJsY+Lotje3\aEO>Kbr
                                                                                                                                                                                              2024-11-02 13:05:17 UTC1378INData Raw: a1 b7 ad d4 a4 84 7b 70 ab 61 70 8b 2c 7f 59 9d 73 46 65 8c 4d 4c 24 86 6c 85 68 34 0b 05 4c 57 9b de 84 cb 75 09 f3 62 63 8d 62 02 b0 fb 07 0a ff 4c 96 56 ca 73 c9 cc 4b b2 59 7c bf dd 2c 9a 7b a5 e6 7b 6c 97 23 53 8e 88 01 3a 95 9e 4d fb da 8f 83 55 63 04 36 d8 c6 be db 2c 83 da b3 ee 69 d0 af 27 4e f3 16 db 21 b8 5e af 6b 0f f8 29 e4 a8 dd 9e 48 08 de 52 bb 8d 4a 70 74 d4 69 ab 67 ca 10 60 92 50 46 38 4a 9a b3 a2 18 47 59 4a fe 7d 32 6e 2a c8 41 96 89 0d ea a6 c4 16 48 0e 01 a1 88 b0 22 04 fc 74 a2 a4 59 18 19 31 65 97 9c d9 cc d0 68 9a 4e af 22 35 f2 c6 c3 05 c5 29 fe 55 60 96 2f 49 31 2e f6 7f fc fc 03 de f4 ec 6b 47 c8 d4 f4 13 38 82 81 04 c9 1d c8 3b 58 34 a0 64 4f c8 97 78 1e de 41 7b 31 9f 2e 2d fa a4 b0 1f 19 5e 8c d7 8a 0e bc 0e 72 e3 27 00 0a
                                                                                                                                                                                              Data Ascii: {pap,YsFeML$lh4LWubcbLVsKY|,{{l#S:MUc6,i'N!^k)HRJptig`PF8JGYJ}2n*AH"tY1ehN"5)U`/I1.kG8;X4dOxA{1.-^r'
                                                                                                                                                                                              2024-11-02 13:05:17 UTC1378INData Raw: 1e 51 47 78 af 49 e1 30 b4 85 db 65 1f e4 8d 7b e0 05 69 b3 0e 6f d6 da 5c 44 7a 68 68 d9 8f 2f a9 68 a8 03 86 f2 82 04 18 b1 9d bb d3 72 8b 05 d8 db 70 32 db 78 e7 91 dd 61 31 74 95 47 99 7b a9 a7 19 36 0a 18 88 08 b6 7b 07 0a 7b c1 53 d2 35 40 f8 92 f4 48 57 95 f8 b7 3d c2 90 bd 19 bc 73 d7 1c 0d 54 ec 0c 6e a1 24 e4 37 5e cb bf 85 8d e3 fa ce c6 56 0b e5 56 51 7d c1 a7 2c d0 b7 18 6d 25 25 ea 79 62 9b ac b9 4a 2f fa 30 03 27 23 f1 47 b1 db c7 c1 01 db 52 53 11 7c d8 d5 64 9b 03 04 43 96 9f cc cf 9a 72 e1 da c5 25 a8 97 bd 20 f3 89 9b fe e2 ea 45 d5 20 bd c3 87 83 73 3b 83 d8 77 eb a1 36 60 7b 82 5f d6 da d9 2e c5 4b 97 ad e8 10 98 2c 8b 9e 5b c2 aa 79 c5 03 b5 6e cc a8 0e 1f 19 65 2e d5 cb 44 d3 54 da ea 3b 80 04 85 fd fb d1 ff 9e 3a a5 73 56 75 12 fd
                                                                                                                                                                                              Data Ascii: QGxI0e{io\Dzhh/hrp2xa1tG{6{{S5@HW=sTn$7^VVQ},m%%ybJ/0'#GRS|dCr% E s;w6`{_.K,[yne.DT;:sVu
                                                                                                                                                                                              2024-11-02 13:05:17 UTC1378INData Raw: b9 9b c6 36 89 0c fe d8 8d 73 27 36 91 fc 87 12 43 82 11 f1 a5 0b 27 44 43 bf d9 d8 51 8c d2 d2 c4 95 c7 0c 12 9a c3 a2 fa d5 36 66 03 4d 54 69 09 d2 f2 de 91 72 de a3 29 1c 46 3d 54 c5 7e b2 2b 8d e3 62 d2 aa a5 5b b9 2c da 9b e1 a9 0a 98 c5 c1 f2 f5 c6 85 65 21 4b 8d f5 7f 13 3c 15 ab 75 0b be 09 e2 8d f3 ca d7 82 74 de 9f 4b 68 1e 27 f8 cd 51 7b 3f 35 1e 5f c5 5a dd e2 a7 a1 4a 68 61 f9 7a 60 fc 7f c9 d9 b3 b2 fc aa 8f 0a c6 6f 8c f0 c3 87 dc 87 e2 fc b1 1b 3f 28 c8 af 3a 23 2b 3d 0b a0 19 57 6c 57 ae db af f3 23 fe dc 0e ce b6 4d 2f 0b 90 fc 7f 1a 57 22 a3 85 61 b8 16 30 bf f7 fe e1 05 36 19 5d 87 c3 9b 2b c1 e3 ca f6 81 ec 81 e8 ed f2 82 9c bb 62 b8 39 ca da a4 08 f2 b7 c5 c4 3b c6 8c e5 6f 6f 8d 46 fc ed 51 c9 f6 fe 31 0d 84 7e 08 92 cb 21 03 71 7a
                                                                                                                                                                                              Data Ascii: 6s'6C'DCQ6fMTir)F=T~+b[,e!K<utKh'Q{?5_ZJhaz`o?(:#+=WlW#M/W"a06]+b9;ooFQ1~!qz
                                                                                                                                                                                              2024-11-02 13:05:17 UTC1378INData Raw: 8f 16 78 59 f6 e1 1f 77 44 0d 1d 38 95 cc 56 26 a1 52 1f d9 59 10 fa 0b 33 e3 cb 1e 8e 4a e5 6f a9 34 69 ea 51 a3 ca dc be 28 4a c0 3b f1 4d 05 ed 91 89 be f2 c7 a8 94 eb 00 a6 e4 e4 47 3e 8c ef 1b f0 ce bf 4e cd f8 49 e6 d4 ac 79 4b 26 5c 4b 7e 1e ab 4e d5 1a fd 7c 7a 50 7e 3d 01 62 03 6f 3f 49 be 1d a8 dd 32 70 e0 e5 39 9b ed 93 8c 8d 9b af 00 55 70 f0 cc 40 d5 bc 1b e1 53 ab bb 32 33 dd ab 0f b4 cc fe a2 ea f4 40 6d f7 7b d1 0d f3 62 14 6a fb 86 33 91 a9 87 6a a6 1f 6d f9 78 7d 1b 89 b5 ea c1 b4 11 c7 80 b5 e5 b4 ec ac 2c f5 64 cc d7 91 a6 43 98 c3 98 d4 c3 10 c0 77 9c a8 ad 7f fa 3e 2a 59 fc f4 78 03 40 3d 37 4f 90 75 f9 ef e5 0d 4e 07 82 8d df b6 7d 6b 9f 77 77 1e 48 0d e4 0c c4 b2 07 00 36 c2 35 bb f3 9b 0f d0 73 6e 5c 10 ff 72 c1 fb 5e cb e6 16 70
                                                                                                                                                                                              Data Ascii: xYwD8V&RY3Jo4iQ(J;MG>NIyK&\K~N|zP~=bo?I2p9Up@S23@m{bj3jmx},dCw>*Yx@=7OuN}kwwH65sn\r^p
                                                                                                                                                                                              2024-11-02 13:05:17 UTC1378INData Raw: 6c d5 49 78 fe 35 f8 5a 1b 8b f6 1c df e7 ff bf f3 f2 91 35 dc f6 3a b8 6e 85 56 14 aa e2 82 44 5d 39 eb 95 d1 54 60 34 d4 2d ad a8 a8 1f 09 1b de 1a e0 1f 95 52 e2 32 f5 c6 67 a7 a2 67 54 09 98 65 3d 46 87 86 8c af 58 70 39 0d b7 8d 46 5f c6 d6 18 ce 32 3a 6d 1b 1e 10 ba 8e 55 57 5f 1d 3f 05 5a 1d 5c 4d a6 3f da 1f b3 ae 33 e9 f2 f8 1a 56 16 a7 3a 9e cb 2f 72 00 cf 13 ff f7 4c 32 9e a5 6d 36 a7 94 1e a4 17 0f 13 4d 48 a1 b6 80 80 9c b2 80 22 b6 55 b6 b1 24 3c e8 1c a5 89 61 19 ed 6a 55 04 8a 86 5c fb 8f fe b7 c2 39 89 50 52 d9 dd 28 71 b2 db 9d 32 ec ae ef 4c b1 11 f3 28 b8 dd 26 da 57 1f 9e 01 2b f6 e0 3f 2c 29 f9 10 8f 3b 2e 37 1f 3f 85 c5 ef ba b7 c9 7b c0 a1 99 8d f5 93 9a 8d bc a6 84 d2 58 31 74 e6 da 82 27 28 0d 14 72 ba 95 41 18 b3 60 2e 34 91 28
                                                                                                                                                                                              Data Ascii: lIx5Z5:nVD]9T`4-R2ggTe=FXp9F_2:mUW_?Z\M?3V:/rL2m6MH"U$<ajU\9PR(q2L(&W+?,);.7?{X1t'(rA`.4(


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              12192.168.2.650011162.159.61.34432820C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              2024-11-02 13:06:05 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                              Host: chrome.cloudflare-dns.com
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Content-Length: 128
                                                                                                                                                                                              Accept: application/dns-message
                                                                                                                                                                                              Accept-Language: *
                                                                                                                                                                                              User-Agent: Chrome
                                                                                                                                                                                              Accept-Encoding: identity
                                                                                                                                                                                              Content-Type: application/dns-message
                                                                                                                                                                                              2024-11-02 13:06:05 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 04 65 64 67 65 09 6d 69 63 72 6f 73 6f 66 74 03 63 6f 6d 00 00 41 00 01 00 00 29 10 00 00 00 00 00 00 51 00 0c 00 4d 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii: edgemicrosoftcomA)QM
                                                                                                                                                                                              2024-11-02 13:06:05 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: cloudflare
                                                                                                                                                                                              Date: Sat, 02 Nov 2024 13:06:05 GMT
                                                                                                                                                                                              Content-Type: application/dns-message
                                                                                                                                                                                              Connection: close
                                                                                                                                                                                              Access-Control-Allow-Origin: *
                                                                                                                                                                                              Content-Length: 468
                                                                                                                                                                                              CF-RAY: 8dc4570149344606-DFW
                                                                                                                                                                                              alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                              2024-11-02 13:06:05 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 01 00 01 04 65 64 67 65 09 6d 69 63 72 6f 73 6f 66 74 03 63 6f 6d 00 00 41 00 01 c0 0c 00 05 00 01 00 00 0d e1 00 2d 12 65 64 67 65 2d 6d 69 63 72 6f 73 6f 66 74 2d 63 6f 6d 0b 64 75 61 6c 2d 61 2d 30 30 33 36 08 61 2d 6d 73 65 64 67 65 03 6e 65 74 00 c0 4f 00 06 00 01 00 00 00 c1 00 23 03 6e 73 31 c0 4f 06 6d 73 6e 68 73 74 c0 11 78 2b 22 e5 00 00 07 08 00 00 03 84 00 24 ea 00 00 00 00 f0 00 00 29 04 d0 00 00 00 00 01 3d 00 0c 01 39 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii: edgemicrosoftcomA-edge-microsoft-comdual-a-0036a-msedgenetO#ns1Omsnhstx+"$)=9


                                                                                                                                                                                              Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                              13192.168.2.650012162.159.61.34432820C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              TimestampBytes transferredDirectionData
                                                                                                                                                                                              2024-11-02 13:06:05 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                              Host: chrome.cloudflare-dns.com
                                                                                                                                                                                              Connection: keep-alive
                                                                                                                                                                                              Content-Length: 128
                                                                                                                                                                                              Accept: application/dns-message
                                                                                                                                                                                              Accept-Language: *
                                                                                                                                                                                              User-Agent: Chrome
                                                                                                                                                                                              Accept-Encoding: identity
                                                                                                                                                                                              Content-Type: application/dns-message
                                                                                                                                                                                              2024-11-02 13:06:05 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 04 65 64 67 65 09 6d 69 63 72 6f 73 6f 66 74 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 51 00 0c 00 4d 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii: edgemicrosoftcom)QM
                                                                                                                                                                                              2024-11-02 13:06:05 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                              Server: cloudflare
                                                                                                                                                                                              Date: Sat, 02 Nov 2024 13:06:05 GMT
                                                                                                                                                                                              Content-Type: application/dns-message
                                                                                                                                                                                              Connection: close
                                                                                                                                                                                              Access-Control-Allow-Origin: *
                                                                                                                                                                                              Content-Length: 468
                                                                                                                                                                                              CF-RAY: 8dc45701494f3aac-DFW
                                                                                                                                                                                              alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                              2024-11-02 13:06:05 UTC468INData Raw: 00 00 81 80 00 01 00 04 00 00 00 01 04 65 64 67 65 09 6d 69 63 72 6f 73 6f 66 74 03 63 6f 6d 00 00 01 00 01 c0 0c 00 05 00 01 00 00 0d fa 00 2d 12 65 64 67 65 2d 6d 69 63 72 6f 73 6f 66 74 2d 63 6f 6d 0b 64 75 61 6c 2d 61 2d 30 30 33 36 08 61 2d 6d 73 65 64 67 65 03 6e 65 74 00 c0 30 00 05 00 01 00 00 00 26 00 02 c0 43 c0 43 00 01 00 01 00 00 00 26 00 04 cc 4f c5 ef c0 43 00 01 00 01 00 00 00 26 00 04 0d 6b 15 ef 00 00 29 04 d0 00 00 00 00 01 3e 00 0c 01 3a 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                              Data Ascii: edgemicrosoftcom-edge-microsoft-comdual-a-0036a-msedgenet0&CC&OC&k)>:


                                                                                                                                                                                              Statistics

                                                                                                                                                                                              CPU Usage

                                                                                                                                                                                              Click to jump to process

                                                                                                                                                                                              Memory Usage

                                                                                                                                                                                              Click to jump to process

                                                                                                                                                                                              High Level Behavior Distribution

                                                                                                                                                                                              Click to dive into process behavior distribution

                                                                                                                                                                                              Behavior

                                                                                                                                                                                              Click to jump to process

                                                                                                                                                                                              System Behavior

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:0
                                                                                                                                                                                              Start time:09:05:01
                                                                                                                                                                                              Start date:02/11/2024
                                                                                                                                                                                              Path:C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:"C:\Users\user\Desktop\SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe"
                                                                                                                                                                                              Imagebase:0x7ff64c3e0000
                                                                                                                                                                                              File size:12'247'040 bytes
                                                                                                                                                                                              MD5 hash:68388F9B51B413FA68207229BE176B28
                                                                                                                                                                                              Has elevated privileges:true
                                                                                                                                                                                              Has administrator privileges:true
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Reputation:low
                                                                                                                                                                                              Has exited:false

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:3
                                                                                                                                                                                              Start time:09:05:02
                                                                                                                                                                                              Start date:02/11/2024
                                                                                                                                                                                              Path:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --embedded-browser-webview=1 --webview-exe-name=SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe --webview-exe-version=2.15.6 --user-data-dir="C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView" --noerrdialogs --embedded-browser-webview-dpi-awareness=2 --disable-features=msWebOOUI,msPdfOOUI,msSmartScreenProtection --enable-features=MojoIpcz --lang=en-GB --mojo-named-platform-channel-pipe=7096.7040.2643601424697135273
                                                                                                                                                                                              Imagebase:0x7ff6e4a90000
                                                                                                                                                                                              File size:3'749'328 bytes
                                                                                                                                                                                              MD5 hash:9909D978B39FB7369F511D8506C17CA0
                                                                                                                                                                                              Has elevated privileges:false
                                                                                                                                                                                              Has administrator privileges:false
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Reputation:moderate
                                                                                                                                                                                              Has exited:false

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:4
                                                                                                                                                                                              Start time:09:05:02
                                                                                                                                                                                              Start date:02/11/2024
                                                                                                                                                                                              Path:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=crashpad-handler --user-data-dir=C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView\Crashpad --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=117.0.5938.132 "--annotation=exe=C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --annotation=plat=Win64 "--annotation=prod=Edge WebView2" --annotation=ver=117.0.2045.47 --initial-client-data=0x15c,0x160,0x164,0x138,0x16c,0x7ffd93e68e88,0x7ffd93e68e98,0x7ffd93e68ea8
                                                                                                                                                                                              Imagebase:0x7ff6e4a90000
                                                                                                                                                                                              File size:3'749'328 bytes
                                                                                                                                                                                              MD5 hash:9909D978B39FB7369F511D8506C17CA0
                                                                                                                                                                                              Has elevated privileges:false
                                                                                                                                                                                              Has administrator privileges:false
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Reputation:moderate
                                                                                                                                                                                              Has exited:false

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:6
                                                                                                                                                                                              Start time:09:05:04
                                                                                                                                                                                              Start date:02/11/2024
                                                                                                                                                                                              Path:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView" --webview-exe-name=SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe --webview-exe-version=2.15.6 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=1816 --field-trial-handle=1824,i,12653778705746408830,16272959441275438957,262144 --enable-features=MojoIpcz --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI /prefetch:2
                                                                                                                                                                                              Imagebase:0x7ff6e4a90000
                                                                                                                                                                                              File size:3'749'328 bytes
                                                                                                                                                                                              MD5 hash:9909D978B39FB7369F511D8506C17CA0
                                                                                                                                                                                              Has elevated privileges:false
                                                                                                                                                                                              Has administrator privileges:false
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Reputation:moderate
                                                                                                                                                                                              Has exited:false

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:7
                                                                                                                                                                                              Start time:09:05:04
                                                                                                                                                                                              Start date:02/11/2024
                                                                                                                                                                                              Path:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView" --webview-exe-name=SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe --webview-exe-version=2.15.6 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2172 --field-trial-handle=1824,i,12653778705746408830,16272959441275438957,262144 --enable-features=MojoIpcz --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI /prefetch:3
                                                                                                                                                                                              Imagebase:0x7ff6e4a90000
                                                                                                                                                                                              File size:3'749'328 bytes
                                                                                                                                                                                              MD5 hash:9909D978B39FB7369F511D8506C17CA0
                                                                                                                                                                                              Has elevated privileges:false
                                                                                                                                                                                              Has administrator privileges:false
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Reputation:moderate
                                                                                                                                                                                              Has exited:false

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:8
                                                                                                                                                                                              Start time:09:05:04
                                                                                                                                                                                              Start date:02/11/2024
                                                                                                                                                                                              Path:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-GB --service-sandbox-type=service --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView" --webview-exe-name=SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe --webview-exe-version=2.15.6 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --mojo-platform-channel-handle=2940 --field-trial-handle=1824,i,12653778705746408830,16272959441275438957,262144 --enable-features=MojoIpcz --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI /prefetch:8
                                                                                                                                                                                              Imagebase:0x7ff6e4a90000
                                                                                                                                                                                              File size:3'749'328 bytes
                                                                                                                                                                                              MD5 hash:9909D978B39FB7369F511D8506C17CA0
                                                                                                                                                                                              Has elevated privileges:false
                                                                                                                                                                                              Has administrator privileges:false
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Reputation:moderate
                                                                                                                                                                                              Has exited:false

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:9
                                                                                                                                                                                              Start time:09:05:04
                                                                                                                                                                                              Start date:02/11/2024
                                                                                                                                                                                              Path:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=renderer --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView" --webview-exe-name=SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe --webview-exe-version=2.15.6 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --disable-nacl --first-renderer-process --lang=en-GB --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --js-flags="--harmony-weak-refs-with-cleanup-some --expose-gc --ms-user-locale=en_CH" --time-ticks-at-unix-epoch=-1730545340699955 --launch-time-ticks=7363961088 --mojo-platform-channel-handle=3484 --field-trial-handle=1824,i,12653778705746408830,16272959441275438957,262144 --enable-features=MojoIpcz --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI /prefetch:1
                                                                                                                                                                                              Imagebase:0x7ff6e4a90000
                                                                                                                                                                                              File size:3'749'328 bytes
                                                                                                                                                                                              MD5 hash:9909D978B39FB7369F511D8506C17CA0
                                                                                                                                                                                              Has elevated privileges:false
                                                                                                                                                                                              Has administrator privileges:false
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Reputation:moderate
                                                                                                                                                                                              Has exited:false

                                                                                                                                                                                              General

                                                                                                                                                                                              Target ID:14
                                                                                                                                                                                              Start time:09:07:04
                                                                                                                                                                                              Start date:02/11/2024
                                                                                                                                                                                              Path:C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe
                                                                                                                                                                                              Wow64 process (32bit):false
                                                                                                                                                                                              Commandline:"C:\Program Files (x86)\Microsoft\EdgeWebView\Application\117.0.2045.47\msedgewebview2.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --noerrdialogs --user-data-dir="C:\Users\user\AppData\Local\com.yida.chatgpt.next.web\EBWebView" --webview-exe-name=SecuriteInfo.com.Trojan.GenericKD.74442994.24259.8937.exe --webview-exe-version=2.15.6 --embedded-browser-webview=1 --embedded-browser-webview-dpi-awareness=2 --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAAAAAA4AAAAAAAAAAAAAABEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --mojo-platform-channel-handle=744 --field-trial-handle=1824,i,12653778705746408830,16272959441275438957,262144 --enable-features=MojoIpcz --disable-features=msPdfOOUI,msSmartScreenProtection,msWebOOUI /prefetch:2
                                                                                                                                                                                              Imagebase:0x7ff6e4a90000
                                                                                                                                                                                              File size:3'749'328 bytes
                                                                                                                                                                                              MD5 hash:9909D978B39FB7369F511D8506C17CA0
                                                                                                                                                                                              Has elevated privileges:false
                                                                                                                                                                                              Has administrator privileges:false
                                                                                                                                                                                              Programmed in:C, C++ or other language
                                                                                                                                                                                              Reputation:moderate
                                                                                                                                                                                              Has exited:true

                                                                                                                                                                                              Disassembly

                                                                                                                                                                                              No disassembly