Windows Analysis Report
Setup.exe

Overview

General Information

Sample name: Setup.exe
Analysis ID: 1554012
MD5: 92c35fbe82bf7e416805c9286746ac4d
SHA1: c02243fb0053a5ba2eb71d8ccfe81553c3b4f191
SHA256: 1ae950affe325dddd05586f66c1a4edd5133ffd13a8017759f8992ac27472e69
Infos:

Detection

Score: 57
Range: 0 - 100
Whitelisted: false
Confidence: 100%

Compliance

Score: 20
Range: 0 - 100

Signatures

Antivirus detection for URL or domain
Multi AV Scanner detection for dropped file
Creates multiple autostart registry keys
Found direct / indirect Syscall (likely to bypass EDR)
Machine Learning detection for sample
Queries sensitive disk information (via WMI, Win32_DiskDrive, often done to detect virtual machines)
Tries to harvest and steal browser information (history, passwords, etc)
Checks if Antivirus/Antispyware/Firewall program is installed (via WMI)
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Detected non-DNS traffic on DNS port
Drops PE files
EXE planting / hijacking vulnerabilities found
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found dropped PE file which has not been started or loaded
HTTP GET or POST without a user agent
IP address seen in connection with other malware
Installs a global mouse hook
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
Monitors certain registry keys / values for changes (often done to protect autostart functionality)
OS version to string mapping found (often used in BOTs)
PE file contains an invalid checksum
PE file contains more sections than normal
PE file contains sections with non-standard names
Queries sensitive BIOS Information (via WMI, Win32_Bios & Win32_BaseBoard, often done to detect virtual machines)
Queries sensitive Operating System Information (via WMI, Win32_ComputerSystem, often done to detect virtual machines)
Queries sensitive processor information (via WMI, Win32_Processor, often done to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Sample file is different than original file name gathered from version info
Sigma detected: CurrentVersion Autorun Keys Modification
Stores files to the Windows start menu directory
Suricata IDS alerts with low severity for network traffic
Uses 32bit PE files
Uses insecure TLS / SSL version for HTTPS connection

Classification

  • System is w10x64
  • Setup.exe (PID: 3688 cmdline: "C:\Users\user\Desktop\Setup.exe" MD5: 92C35FBE82BF7E416805C9286746AC4D)
    • chrome.exe (PID: 5028 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://pcapp.store/installing.php?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&winver=19045&version=fa.1092c&nocache=20241111162518.134&_fcid=1731354202975821 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
      • chrome.exe (PID: 612 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2084 --field-trial-handle=1904,i,16569833579586594677,17085664865935960481,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
      • chrome.exe (PID: 7356 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5176 --field-trial-handle=1904,i,16569833579586594677,17085664865935960481,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
      • chrome.exe (PID: 7368 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5332 --field-trial-handle=1904,i,16569833579586594677,17085664865935960481,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
    • nsx2B3B.tmp (PID: 7436 cmdline: "C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp" /internal 1731354202975821 /force MD5: 84EE733F8014D22DAD2DFEF725489980)
      • PcAppStore.exe (PID: 7972 cmdline: "C:\Users\user\PCAppStore\PcAppStore.exe" /init default MD5: 4B88D8ADA8D22622C30D581FC38EAA52)
        • explorer.exe (PID: 1028 cmdline: C:\Windows\Explorer.EXE MD5: 662F4F92FDE3557E86D110526BB578D5)
          • PcAppStore.exe (PID: 4752 cmdline: "C:\Users\user\PCAppStore\PCAppStore.exe" /init default MD5: 4B88D8ADA8D22622C30D581FC38EAA52)
        • GkiQFNeggQCCdOqsaJMVyEE.exe (PID: 2412 cmdline: "C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe" MD5: 32B8AD6ECA9094891E792631BAEA9717)
        • GkiQFNeggQCCdOqsaJMVyEE.exe (PID: 3816 cmdline: "C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe" MD5: 32B8AD6ECA9094891E792631BAEA9717)
        • GkiQFNeggQCCdOqsaJMVyEE.exe (PID: 5528 cmdline: "C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe" MD5: 32B8AD6ECA9094891E792631BAEA9717)
        • GkiQFNeggQCCdOqsaJMVyEE.exe (PID: 5756 cmdline: "C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe" MD5: 32B8AD6ECA9094891E792631BAEA9717)
        • GkiQFNeggQCCdOqsaJMVyEE.exe (PID: 4396 cmdline: "C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe" MD5: 32B8AD6ECA9094891E792631BAEA9717)
        • GkiQFNeggQCCdOqsaJMVyEE.exe (PID: 4400 cmdline: "C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe" MD5: 32B8AD6ECA9094891E792631BAEA9717)
        • GkiQFNeggQCCdOqsaJMVyEE.exe (PID: 3724 cmdline: "C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe" MD5: 32B8AD6ECA9094891E792631BAEA9717)
        • GkiQFNeggQCCdOqsaJMVyEE.exe (PID: 3680 cmdline: "C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe" MD5: 32B8AD6ECA9094891E792631BAEA9717)
        • GkiQFNeggQCCdOqsaJMVyEE.exe (PID: 3200 cmdline: "C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe" MD5: 32B8AD6ECA9094891E792631BAEA9717)
        • GkiQFNeggQCCdOqsaJMVyEE.exe (PID: 3376 cmdline: "C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe" MD5: 32B8AD6ECA9094891E792631BAEA9717)
        • GkiQFNeggQCCdOqsaJMVyEE.exe (PID: 3944 cmdline: "C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe" MD5: 32B8AD6ECA9094891E792631BAEA9717)
        • GkiQFNeggQCCdOqsaJMVyEE.exe (PID: 2180 cmdline: "C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe" MD5: 32B8AD6ECA9094891E792631BAEA9717)
        • GkiQFNeggQCCdOqsaJMVyEE.exe (PID: 2464 cmdline: "C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe" MD5: 32B8AD6ECA9094891E792631BAEA9717)
        • GkiQFNeggQCCdOqsaJMVyEE.exe (PID: 4424 cmdline: "C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe" MD5: 32B8AD6ECA9094891E792631BAEA9717)
        • GkiQFNeggQCCdOqsaJMVyEE.exe (PID: 3748 cmdline: "C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe" MD5: 32B8AD6ECA9094891E792631BAEA9717)
        • GkiQFNeggQCCdOqsaJMVyEE.exe (PID: 3092 cmdline: "C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe" MD5: 32B8AD6ECA9094891E792631BAEA9717)
        • GkiQFNeggQCCdOqsaJMVyEE.exe (PID: 1856 cmdline: "C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe" MD5: 32B8AD6ECA9094891E792631BAEA9717)
        • GkiQFNeggQCCdOqsaJMVyEE.exe (PID: 4764 cmdline: "C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe" MD5: 32B8AD6ECA9094891E792631BAEA9717)
        • GkiQFNeggQCCdOqsaJMVyEE.exe (PID: 5816 cmdline: "C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe" MD5: 32B8AD6ECA9094891E792631BAEA9717)
        • GkiQFNeggQCCdOqsaJMVyEE.exe (PID: 6076 cmdline: "C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe" MD5: 32B8AD6ECA9094891E792631BAEA9717)
        • GkiQFNeggQCCdOqsaJMVyEE.exe (PID: 6664 cmdline: "C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe" MD5: 32B8AD6ECA9094891E792631BAEA9717)
        • GkiQFNeggQCCdOqsaJMVyEE.exe (PID: 5912 cmdline: "C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe" MD5: 32B8AD6ECA9094891E792631BAEA9717)
        • GkiQFNeggQCCdOqsaJMVyEE.exe (PID: 6276 cmdline: "C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe" MD5: 32B8AD6ECA9094891E792631BAEA9717)
        • GkiQFNeggQCCdOqsaJMVyEE.exe (PID: 5888 cmdline: "C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe" MD5: 32B8AD6ECA9094891E792631BAEA9717)
        • GkiQFNeggQCCdOqsaJMVyEE.exe (PID: 5952 cmdline: "C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe" MD5: 32B8AD6ECA9094891E792631BAEA9717)
        • GkiQFNeggQCCdOqsaJMVyEE.exe (PID: 3692 cmdline: "C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe" MD5: 32B8AD6ECA9094891E792631BAEA9717)
        • GkiQFNeggQCCdOqsaJMVyEE.exe (PID: 4204 cmdline: "C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe" MD5: 32B8AD6ECA9094891E792631BAEA9717)
      • Watchdog.exe (PID: 8004 cmdline: "C:\Users\user\PCAppStore\Watchdog.exe" /guid=2ED92742-89DC-DD72-92E8-869FA5A66493 /rid=20241111162608.285630578 /ver=fa.1092c MD5: 11F3801CB9FF046D6075F681971C4EB8)
  • cleanup
No configs have been found
No yara matches
Source: Registry Key set Author: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): Data: Details: "C:\Users\user\PCAppStore\PCAppStore.exe" /init default, EventID: 13, EventType: SetValue, Image: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp, ProcessId: 7436, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\PCAppStore
Timestamp                        SID      Severity  Classtype        Source IP    Source Port  Destination IP  Destination Port  Protocol
2024-11-11T22:26:09.425592+0100  2028371  3         Unknown Traffic  192.168.2.5  57525        167.99.235.203  443               TCP
2024-11-11T22:26:24.318661+0100  2028371  3         Unknown Traffic  192.168.2.5  57535        167.99.235.203  443               TCP
2024-11-11T22:26:26.148946+0100  2028371  3         Unknown Traffic  192.168.2.5  57539        167.99.235.203  443               TCP
2024-11-11T22:26:27.390920+0100  2028371  3         Unknown Traffic  192.168.2.5  57542        167.99.235.203  443               TCP
2024-11-11T22:26:29.264151+0100  2028371  3         Unknown Traffic  192.168.2.5  57548        167.99.235.203  443               TCP
2024-11-11T22:26:33.671322+0100  2028371  3         Unknown Traffic  192.168.2.5  57562        167.99.235.203  443               TCP
2024-11-11T22:26:34.196301+0100  2028371  3         Unknown Traffic  192.168.2.5  57570        167.99.235.203  443               TCP
2024-11-11T22:26:35.250091+0100  2028371  3         Unknown Traffic  192.168.2.5  57593        147.182.211.77  443               TCP
2024-11-11T22:26:36.971083+0100  2028371  3         Unknown Traffic  192.168.2.5  57597        147.182.211.77  443               TCP
2024-11-11T22:26:38.546200+0100  2028371  3         Unknown Traffic  192.168.2.5  57602        167.99.235.203  443               TCP
2024-11-11T22:26:40.102953+0100  2028371  3         Unknown Traffic  192.168.2.5  57605        167.99.235.203  443               TCP
2024-11-11T22:26:51.838113+0100  2028371  3         Unknown Traffic  192.168.2.5  57612        167.99.235.203  443               TCP
2024-11-11T22:26:53.190746+0100  2028371  3         Unknown Traffic  192.168.2.5  57614        167.99.235.203  443               TCP

AV Detection

Source: https://chrome.google.coNAvira URL Cloud: Label: malware
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp ReversingLabs: Detection: 45%
Source: C:\Users\user\PCAppStore\Uninstaller.exe ReversingLabs: Detection: 29%
Source: Setup.exe Joe Sandbox ML: detected
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp EXE: C:\Users\user\PCAppStore\Watchdog.exe
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp EXE: C:\Users\user\PCAppStore\AutoUpdater.exe
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp EXE: C:\Users\user\PCAppStore\nwjs\NW_store.exe
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp EXE: C:\Users\user\PCAppStore\PcAppStore.exe
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp EXE: C:\Users\user\PCAppStore\Uninstaller.exe
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp EXE: C:\Users\user\PCAppStore\nwjs\notification_helper.exe
Source: https://pcapp.store/?p=lpd_installing_r2&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&_fcid=1731354202975821&_winver=19045&version=fa.1092c HTTP Parser: No favicon

Compliance

Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp EXE: C:\Users\user\PCAppStore\Watchdog.exe
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp EXE: C:\Users\user\PCAppStore\AutoUpdater.exe
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp EXE: C:\Users\user\PCAppStore\nwjs\NW_store.exe
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp EXE: C:\Users\user\PCAppStore\PcAppStore.exe
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp EXE: C:\Users\user\PCAppStore\Uninstaller.exe
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp EXE: C:\Users\user\PCAppStore\nwjs\notification_helper.exe
Source: Setup.exe Static PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
Source: unknown HTTPS traffic detected: 167.99.235.203:443 -> 192.168.2.5:49714 version: TLS 1.0
Source: unknown HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.5:49745 version: TLS 1.0
Source: unknown HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49815 version: TLS 1.0
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp Registry value created: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCAppStore
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp File created: C:\Users\user\PCAppStore\ui\static\js\2.801b9d83.chunk.js.LICENSE.txt
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp File created: C:\Users\user\PCAppStore\ReadMe.txt
Source: Setup.exe Static PE information: certificate valid
Source: unknown HTTPS traffic detected: 167.99.235.203:443 -> 192.168.2.5:49706 version: TLS 1.2
Source: unknown HTTPS traffic detected: 37.19.194.80:443 -> 192.168.2.5:49719 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.5:49720 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.5:49750 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.5:49754 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49793 version: TLS 1.2
Source: unknown HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.5:49803 version: TLS 1.2
Source: unknown HTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.5:49805 version: TLS 1.2
Source: unknown HTTPS traffic detected: 167.99.235.203:443 -> 192.168.2.5:49811 version: TLS 1.2
Source: unknown HTTPS traffic detected: 167.99.235.203:443 -> 192.168.2.5:49817 version: TLS 1.2
Source: unknown HTTPS traffic detected: 167.99.235.203:443 -> 192.168.2.5:57525 version: TLS 1.2
Source: unknown HTTPS traffic detected: 18.239.94.39:443 -> 192.168.2.5:57524 version: TLS 1.2
Source: unknown HTTPS traffic detected: 4.175.87.197:443 -> 192.168.2.5:57526 version: TLS 1.2
Source: unknown HTTPS traffic detected: 167.99.235.203:443 -> 192.168.2.5:57542 version: TLS 1.2
Source: unknown HTTPS traffic detected: 167.99.235.203:443 -> 192.168.2.5:57545 version: TLS 1.2
Source: unknown HTTPS traffic detected: 167.99.235.203:443 -> 192.168.2.5:57548 version: TLS 1.2
Source: unknown HTTPS traffic detected: 167.99.235.203:443 -> 192.168.2.5:57570 version: TLS 1.2
Source: unknown HTTPS traffic detected: 147.182.211.77:443 -> 192.168.2.5:57593 version: TLS 1.2
Source: unknown HTTPS traffic detected: 18.239.94.39:443 -> 192.168.2.5:57594 version: TLS 1.2
Source: unknown HTTPS traffic detected: 204.79.197.222:443 -> 192.168.2.5:57598 version: TLS 1.2
Source: unknown HTTPS traffic detected: 13.107.213.254:443 -> 192.168.2.5:57607 version: TLS 1.2
Source: unknown HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:57608 version: TLS 1.2
Source: unknown HTTPS traffic detected: 150.171.73.254:443 -> 192.168.2.5:57609 version: TLS 1.2
Source: unknown HTTPS traffic detected: 150.171.73.254:443 -> 192.168.2.5:57610 version: TLS 1.2
Source: unknown HTTPS traffic detected: 167.99.235.203:443 -> 192.168.2.5:57612 version: TLS 1.2
Source: unknown HTTPS traffic detected: 167.99.235.203:443 -> 192.168.2.5:57613 version: TLS 1.2
Source: unknown HTTPS traffic detected: 167.99.235.203:443 -> 192.168.2.5:57614 version: TLS 1.2
Source: unknown HTTPS traffic detected: 18.239.94.39:443 -> 192.168.2.5:57615 version: TLS 1.2
Source: Setup.exe Static PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
Source: Binary string: C:\Build\Build_1092c_D20241025T171023\fa_rss\Watchdog\x64\Release\Watchdog.pdb source: nsx2B3B.tmp, 00000009.00000002.2800509431.0000000002719000.00000004.00000020.00020000.00000000.sdmp, Watchdog.exe, 0000000C.00000002.4047676086.00007FF7D1ADA000.00000002.00000001.01000000.00000017.sdmp, Watchdog.exe, 0000000C.00000000.2696093430.00007FF7D1ADA000.00000002.00000001.01000000.00000017.sdmp
Source: Binary string: C:\Build\Build_1092c_D20241025T171023\fa_rss\AppStoreUpdater\Release\auto_updater.pdb1 source: nsx2B3B.tmp, 00000009.00000002.2800509431.0000000002E04000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: R:\JoeSecurity\trunk\src\windows\usermode\tools\FakeChrome\Release\Chrome.pdb source: GkiQFNeggQCCdOqsaJMVyEE.exe
Source: Binary string: C:\Users\zak\Downloads\Inetc\Unicode\Plugins\inetc.pdb source: Setup.exe, 00000000.00000002.2359482949.000000000040A000.00000004.00000001.01000000.00000003.sdmp
Source: Binary string: C:\Build\Build_1092c_D20241025T171023\fa_rss\engine\Release\PCAppStore.pdb source: nsx2B3B.tmp, 00000009.00000002.2800509431.0000000002B0D000.00000004.00000020.00020000.00000000.sdmp, PcAppStore.exe, 0000000B.00000000.2694749245.00007FF6E02EB000.00000002.00000001.01000000.00000016.sdmp, PcAppStore.exe, 0000000B.00000002.4057616607.00007FF6E02EB000.00000002.00000001.01000000.00000016.sdmp, PcAppStore.exe, 0000001E.00000002.2801012931.00007FF6E02EB000.00000002.00000001.01000000.00000016.sdmp, PcAppStore.exe, 0000001E.00000000.2793792938.00007FF6E02EB000.00000002.00000001.01000000.00000016.sdmp
Source: Binary string: C:\Build\Build_1092c_D20241025T171023\fa_rss\AppStoreUpdater\Release\auto_updater.pdb source: nsx2B3B.tmp, 00000009.00000002.2800509431.0000000002E04000.00000004.00000020.00020000.00000000.sdmp
Source: global traffic TCP traffic: 192.168.2.5:57515 -> 1.1.1.1:53
Source: global traffic HTTP traffic detected: GET /conf/v1/asgw/fpconfig.min.json HTTP/1.1 Accept-Encoding: gzip, deflate Host: fp.msedge.net If-None-Match: "392184522" Connection: Keep-Alive
Source: Joe Sandbox View IP Address: 209.222.21.115 209.222.21.115
Source: Joe Sandbox View IP Address: 147.182.211.77 147.182.211.77
Source: Joe Sandbox View IP Address: 167.99.235.203 167.99.235.203
Source: Joe Sandbox View JA3 fingerprint: 1138de370e523e824bbca92d049a3777
Source: Joe Sandbox View JA3 fingerprint: 28a2c9bd18a11de089ef85a160da29e4
Source: Joe Sandbox View JA3 fingerprint: 54328bd36c14bd82ddaa0c04b25ed9ad
Source: Network traffic Suricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:57525 -> 167.99.235.203:443
Source: Network traffic Suricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:57535 -> 167.99.235.203:443
Source: Network traffic Suricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:57542 -> 167.99.235.203:443
Source: Network traffic Suricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:57539 -> 167.99.235.203:443
Source: Network traffic Suricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:57562 -> 167.99.235.203:443
Source: Network traffic Suricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:57548 -> 167.99.235.203:443
Source: Network traffic Suricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:57570 -> 167.99.235.203:443
Source: Network traffic Suricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:57593 -> 147.182.211.77:443
Source: Network traffic Suricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:57597 -> 147.182.211.77:443
Source: Network traffic Suricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:57602 -> 167.99.235.203:443
Source: Network traffic Suricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:57605 -> 167.99.235.203:443
Source: Network traffic Suricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:57612 -> 167.99.235.203:443
Source: Network traffic Suricata IDS: 2028371 - Severity 3 - ET JA3 Hash - Possible Malware - Fake Firefox Font Update : 192.168.2.5:57614 -> 167.99.235.203:443
Source: unknown HTTPS traffic detected: 167.99.235.203:443 -> 192.168.2.5:49714 version: TLS 1.0
Source: unknown HTTPS traffic detected: 13.107.246.45:443 -> 192.168.2.5:49745 version: TLS 1.0
Source: unknown HTTPS traffic detected: 23.1.237.91:443 -> 192.168.2.5:49815 version: TLS 1.0
Source: unknown TCP traffic detected without corresponding DNS query: 23.1.237.91
Source: unknown TCP traffic detected without corresponding DNS query: 13.107.246.45
Source: global traffic HTTP traffic detected: GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_mini_installer&evt_action=show_page&p=wel&_fcid=1731354202975821 HTTP/1.1 User-Agent: NSIS_Inetc (Mozilla) Host: pcapp.store Connection: Keep-Alive Cache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_mini_installer&evt_action=show_page&p=installing&_fcid=1731354202975821 HTTP/1.1 User-Agent: NSIS_Inetc (Mozilla) Host: pcapp.store Connection: Keep-Alive Cache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_mini_installer&evt_action=start&permision=&_fcid=1731354202975821 HTTP/1.1 User-Agent: NSIS_Inetc (Mozilla) Host: pcapp.store Connection: Keep-Alive Cache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_mini_installer&evt_action=download_start&_fcid=1731354202975821 HTTP/1.1 User-Agent: NSIS_Inetc (Mozilla) Host: pcapp.store Connection: Keep-Alive Cache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /installing.php?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&winver=19045&version=fa.1092c&nocache=20241111162518.134&_fcid=1731354202975821 HTTP/1.1 Host: pcapp.store Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /download.php?&src=mini_installer&file=1&mini_ver=fa.1092c HTTP/1.1 User-Agent: NSIS_Inetc (Mozilla) Host: delivery.pcapp.store Connection: Keep-Alive Cache-Control: no-cache
Source: global traffic HTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1 Connection: Keep-Alive Accept-Encoding: gzip User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro) Host: otelrules.azureedge.net
Source: global traffic HTTP traffic detected: GET /?p=lpd_installing_r2&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&_fcid=1731354202975821&_winver=19045&version=fa.1092c HTTP/1.1 Host: pcapp.store Connection: keep-alive Upgrade-Insecure-Requests: 1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Fetch-Dest: document sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /images/front_img/lp/lpd_installing_r2/img/done_windows_icon.svg HTTP/1.1 Host: pcapp.store Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: image Referer: https://pcapp.store/?p=lpd_installing_r2&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&_fcid=1731354202975821&_winver=19045&version=fa.1092c Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
Source: global traffic HTTP traffic detected: GET /src/main.js HTTP/1.1 Host: pcapp.store Connection: keep-alive sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117" sec-ch-ua-mobile: ?0 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 sec-ch-ua-platform: "Windows" Accept: */* Sec-Fetch-Site: same-origin Sec-Fetch-Mode: no-cors Sec-Fetch-Dest: script Referer: https://pcapp.store/?p=lpd_installing_r2&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&_fcid=1731354202975821&_winver=19045&version=fa.1092c Accept-Encoding: gzip, deflate, br Accept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /lp/lpd_installing_r2/src/lpd_installing_r2.min.js?nocache=1709636059406 HTTP/1.1Host: pcapp.storeConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://pcapp.store/?p=lpd_installing_r2&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&_fcid=1731354202975821&_winver=19045&version=fa.1092cAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global trafficHTTP traffic detected: GET /src/main.js HTTP/1.1Host: pcapp.storeConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /lp/lpd_installing_r2/src/lpd_installing_r2.min.js?nocache=1709636059406 HTTP/1.1Host: pcapp.storeConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /pcapp/images/front_img/lp/lpd_installing_r2/img/done_windows_icon.svg HTTP/1.1Host: repository.pcapp.storeConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pcapp.store/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /api/api.php HTTP/1.1Host: pcapp.storeConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323
Source: global trafficHTTP traffic detected: GET /pcapp/images/front_img/lp/lpd_installing_r2/img/done_windows_icon.svg HTTP/1.1Host: repository.pcapp.storeConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323
Source: global trafficHTTP traffic detected: GET /td/ga/rul?tid=G-VFQWFX3X1C&gacid=367951386.1731360323&gtm=45je4b70v898645365za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101823848~101925629~102077854&z=136806735 HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://pcapp.store/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /pixelgif.php HTTP/1.1Host: pcapp.storeConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323
Source: global trafficHTTP traffic detected: GET /td/rul/858128210?random=1731360323996&cv=11&fst=1731360323996&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4b70v9103256652za200zb898645365&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102077855&u_w=1280&u_h=1024&url=https%3A%2F%2Fpcapp.store%2F%3Fp%3Dlpd_installing_r2%26guid%3D2ED92742-89DC-DD72-92E8-869FA5A66493%26_fcid%3D1731354202975821%26_winver%3D19045%26version%3Dfa.1092c&hn=www.googleadservices.com&frm=0&tiba=APP%20STORE%3A%20Installing&npa=0&pscdl=noapi&auid=1387167454.1731360324&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://pcapp.store/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global trafficHTTP traffic detected: GET /td/rul/858128210?random=1731360324075&cv=11&fst=1731360324075&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4b70v9103256652za200zb898645365&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102077855&u_w=1280&u_h=1024&url=https%3A%2F%2Fpcapp.store%2F%3Fp%3Dlpd_installing_r2%26guid%3D2ED92742-89DC-DD72-92E8-869FA5A66493%26_fcid%3D1731354202975821%26_winver%3D19045%26version%3Dfa.1092c&hn=www.googleadservices.com&frm=0&tiba=APP%20STORE%3A%20Installing&npa=0&pscdl=noapi&auid=1387167454.1731360324&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dpage_view HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://pcapp.store/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global trafficHTTP traffic detected: GET /td/rul/858128210?random=1731360324107&cv=11&fst=1731360324107&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4b70v9103256652za200zb898645365&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102077855&u_w=1280&u_h=1024&url=https%3A%2F%2Fpcapp.store%2F%3Fp%3Dlpd_installing_r2%26guid%3D2ED92742-89DC-DD72-92E8-869FA5A66493%26_fcid%3D1731354202975821%26_winver%3D19045%26version%3Dfa.1092c&label=kTaFCIuq0YYZENL-l5kD&hn=www.googleadservices.com&frm=0&tiba=APP%20STORE%3A%20Installing&value=1&currency_code=USD&npa=0&pscdl=noapi&auid=1387167454.1731360324&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dconversion HTTP/1.1Host: td.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://pcapp.store/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global trafficHTTP traffic detected: GET /pagead/viewthroughconversion/858128210/?random=1731360324107&cv=11&fst=1731360324107&bg=ffffff&guid=ON&async=1&gtm=45be4b70v9103256652za200zb898645365&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102077855&u_w=1280&u_h=1024&url=https%3A%2F%2Fpcapp.store%2F%3Fp%3Dlpd_installing_r2%26guid%3D2ED92742-89DC-DD72-92E8-869FA5A66493%26_fcid%3D1731354202975821%26_winver%3D19045%26version%3Dfa.1092c&label=kTaFCIuq0YYZENL-l5kD&hn=www.googleadservices.com&frm=0&tiba=APP%20STORE%3A%20Installing&value=1&currency_code=USD&npa=0&pscdl=noapi&auid=1387167454.1731360324&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dconversion&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://pcapp.store/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global trafficHTTP traffic detected: GET /pagead/1p-user-list/858128210/?random=1731360324107&cv=11&fst=1731358800000&bg=ffffff&guid=ON&async=1&gtm=45be4b70v9103256652za200zb898645365&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102077855&u_w=1280&u_h=1024&url=https%3A%2F%2Fpcapp.store%2F%3Fp%3Dlpd_installing_r2%26guid%3D2ED92742-89DC-DD72-92E8-869FA5A66493%26_fcid%3D1731354202975821%26_winver%3D19045%26version%3Dfa.1092c&label=kTaFCIuq0YYZENL-l5kD&hn=www.googleadservices.com&frm=0&tiba=APP%20STORE%3A%20Installing&value=1&currency_code=USD&npa=0&pscdl=noapi&auid=1387167454.1731360324&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dconversion&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dteZIq5rAGF2SefPY-6KRy6GvqPBrE6svoIJiy1S0v8GJIpzm&random=4063220661&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pcapp.store/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /lp/appstore/img/favicon.ico HTTP/1.1Host: pcapp.storeConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://pcapp.store/?p=lpd_installing_r2&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&_fcid=1731354202975821&_winver=19045&version=fa.1092cAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323; _gcl_au=1.1.1387167454.1731360324
Source: global trafficHTTP traffic detected: GET /pagead/viewthroughconversion/858128210/?random=1731360324107&cv=11&fst=1731360324107&bg=ffffff&guid=ON&async=1&gtm=45be4b70v9103256652za200zb898645365&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102077855&u_w=1280&u_h=1024&url=https%3A%2F%2Fpcapp.store%2F%3Fp%3Dlpd_installing_r2%26guid%3D2ED92742-89DC-DD72-92E8-869FA5A66493%26_fcid%3D1731354202975821%26_winver%3D19045%26version%3Dfa.1092c&label=kTaFCIuq0YYZENL-l5kD&hn=www.googleadservices.com&frm=0&tiba=APP%20STORE%3A%20Installing&value=1&currency_code=USD&npa=0&pscdl=noapi&auid=1387167454.1731360324&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dconversion&rfmt=3&fmt=4 HTTP/1.1Host: googleads.g.doubleclick.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: IDE=AHWqTUmj4f8fw-7FwgYOUCeLwcOBOTOfEot7hXEyk20wA-6pQfqs04TnSycLi7vy
Source: global trafficHTTP traffic detected: GET /pagead/1p-user-list/858128210/?random=1731360324107&cv=11&fst=1731358800000&bg=ffffff&guid=ON&async=1&gtm=45be4b70v9103256652za200zb898645365&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102077855&u_w=1280&u_h=1024&url=https%3A%2F%2Fpcapp.store%2F%3Fp%3Dlpd_installing_r2%26guid%3D2ED92742-89DC-DD72-92E8-869FA5A66493%26_fcid%3D1731354202975821%26_winver%3D19045%26version%3Dfa.1092c&label=kTaFCIuq0YYZENL-l5kD&hn=www.googleadservices.com&frm=0&tiba=APP%20STORE%3A%20Installing&value=1&currency_code=USD&npa=0&pscdl=noapi&auid=1387167454.1731360324&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dconversion&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dteZIq5rAGF2SefPY-6KRy6GvqPBrE6svoIJiy1S0v8GJIpzm&random=4063220661&rmt_tld=0&ipr=y HTTP/1.1Host: www.google.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUXSec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global trafficHTTP traffic detected: GET /lp/appstore/img/favicon.ico HTTP/1.1Host: pcapp.storeConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323; _gcl_au=1.1.1387167454.1731360324
Source: global trafficHTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global trafficHTTP traffic detected: GET /api/api.php HTTP/1.1Host: pcapp.storeConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323; _gcl_au=1.1.1387167454.1731360324
Source: global trafficHTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=PlOGAW5Sm14mgv2&MD=U4rZXPB7 HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficHTTP traffic detected: GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_mini_installer&evt_action=download_done&result=12345678-1234-5678-90AB-CDDEEFAABBCC&_fcid=1731354202975821 HTTP/1.1User-Agent: NSIS_Inetc (Mozilla)Host: pcapp.storeConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_mini_installer&evt_action=done&_fcid=1731354202975821 HTTP/1.1User-Agent: NSIS_Inetc (Mozilla)Host: pcapp.storeConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_installer&evt_action=internal&prev_v=fa.1092c HTTP/1.1User-Agent: NSIS_Inetc (Mozilla)Host: pcapp.storeConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_installer&evt_action=start&permision= HTTP/1.1User-Agent: NSIS_Inetc (Mozilla)Host: pcapp.storeConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_installer&evt_action=installing&e=03000200-0400-0500-0006-000700080009&u=67 HTTP/1.1User-Agent: NSIS_Inetc (Mozilla)Host: pcapp.storeConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_installer&evt_action=localmac&addon[]=EC-F4-BB-57-0D-C9 HTTP/1.1User-Agent: NSIS_Inetc (Mozilla)Host: pcapp.storeConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&inst_parent=&evt_src=fa_installer&evt_action=done HTTP/1.1User-Agent: NSIS_Inetc (Mozilla)Host: pcapp.storeConnection: Keep-AliveCache-Control: no-cache
Source: global trafficHTTP traffic detected: GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_product&evt_action=channel&id=-3&eng_time=1731365729572&nocache=5630890 HTTP/1.1Connection: Keep-AliveUser-Agent: WinHTTP 1.0Host: pcapp.store
Source: global trafficHTTP traffic detected: GET /p.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=watch_dog&evt_action=signal_event&data={"counter":0,"rid":"20241111162608.285630578","isPCAppRunning":1,"isNWStoreRunning":0,"registryInfo":{"pcAppInAutostart":1},"filesystemInfo":{"uiFolderExists":1,"uiFilesCount":55,"nwjsFolderExists":1,"nwjsFilesCount":132,"AutoUpdaterExeExists":1,"PcAppStoreExeExists":1,"pcappstoreIcoExists":1,"UninstallerExeExists":1,"NW_storeExeExists":1,"startupFolderLnkExists":1}}&eng_time=1731365729&nocache=5461 HTTP/1.1Accept: */*UA-CPU: AMD64Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; Win64; x64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: d74queuslupub.cloudfront.netConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=PlOGAW5Sm14mgv2&MD=U4rZXPB7 HTTP/1.1Connection: Keep-AliveAccept: */*User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global trafficHTTP traffic detected: GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_product&evt_action=started&prnt=nsx2B3B.tmp&sys_lang=en-GB&eng_time=1731365743707&nocache=5645921 HTTP/1.1Connection: Keep-AliveUser-Agent: WinHTTP 1.0Host: pcapp.store
Source: global trafficHTTP traffic detected: GET /src/main_code_nw.js HTTP/1.1Host: pcapp.storeConnection: keep-alivesec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_product&evt_action=message_sending_error&eM=unknown%20recipient%3A%20menu_search&eng_time=1731365743727&nocache=5647718 HTTP/1.1Connection: Keep-AliveUser-Agent: WinHTTP 1.0Host: pcapp.store
Source: global trafficHTTP traffic detected: GET /pixel.gif?evt_src=web&evt_action=new_fcid&ncrd=1731360386038&user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/122.0.0.0%20Safari/537.36 HTTP/1.1Host: pcapp.storeConnection: keep-alivesec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_auto_updater&evt_action=start&&eng_time=1731360386471&nocache=287765 HTTP/1.1Connection: Keep-AliveUser-Agent: WinHTTP 1.0Host: pcapp.store
Source: global trafficHTTP traffic detected: GET /fa_version.php?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&end_v=fa.1092c&nocache=288906 HTTP/1.1Accept: */*UA-CPU: AMD64Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; Win64; x64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: pcapp.storeConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_auto_updater&evt_action=end&&eng_time=1731360388365&nocache=289640 HTTP/1.1Connection: Keep-AliveUser-Agent: WinHTTP 1.0Host: pcapp.store
Source: global trafficHTTP traffic detected: GET /appstore-taskbar/?a=notificationsTab&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&nocache=1731360391966 HTTP/1.1Host: pcapp.storeConnection: keep-alivesec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Content-Type: application/json;charset=UTF-8Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /appstore-topbar/?a=init&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&nocache=1731360391973 HTTP/1.1Host: pcapp.storeConnection: keep-alivesec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Content-Type: application/json;charset=UTF-8Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /appstore-widget/?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&nocache=1731360391976 HTTP/1.1Host: pcapp.storeConnection: keep-alivesec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Content-Type: application/json;charset=UTF-8Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /search-menu/?a=getTemplate&version=fa.1092c&p[tmplType]=search&p[guid]=2ED92742-89DC-DD72-92E8-869FA5A66493&p[version]=fa.1092c HTTP/1.1Host: pcapp.storeConnection: keep-alivesec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Content-Type: application/json;charset=UTF-8Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /search-menu/?a=getTemplate&version=fa.1092c&p[tmplType]=menu&p[guid]=2ED92742-89DC-DD72-92E8-869FA5A66493&p[version]=fa.1092c HTTP/1.1Host: pcapp.storeConnection: keep-alivesec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Content-Type: application/json;charset=UTF-8Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /appstore-menu/?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&nocache=1731360391981 HTTP/1.1Host: pcapp.storeConnection: keep-alivesec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Content-Type: application/json;charset=UTF-8Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_product&evt_action=windows_created&&eng_time=1731365753179&nocache=5654812 HTTP/1.1Connection: Keep-AliveUser-Agent: WinHTTP 1.0Host: pcapp.store
Source: global trafficHTTP traffic detected: GET /api/api.php?c=front&a=getAttrUserData&p[guid]=2ED92742-89DC-DD72-92E8-869FA5A66493&p[fields][]=fullname&p[fields][]=email&p[fields][]=firstname&p[fields][]=lastname HTTP/1.1Host: pcapp.storeConnection: keep-alivesec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Content-Type: application/json;charset=UTF-8Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /guid_is_dev.php?guid=2ED92742-89DC-DD72-92E8-869FA5A66493 HTTP/1.1Host: pcapp.storeConnection: keep-alivesec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"sec-ch-ua-platform: "Windows"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36Content-Type: application/json;charset=UTF-8Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /pixel.gif?evt_src=fa_notifications&evt_action=created&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&ncrd=1731360391931&user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/122.0.0.0%20Safari/537.36 HTTP/1.1Host: pcapp.storeConnection: keep-alivesec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /images/front_img/logo/logo-light.svg HTTP/1.1Host: pcapp.storeConnection: keep-alivesec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: finishInstallInApp=done
Source: global trafficHTTP traffic detected: GET /notify_app_v2.php?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&lastid=0&lasttime=0&end_v=fa.1092c&nocache=5655328 HTTP/1.1Connection: Keep-AliveUser-Agent: WinHTTP 1.0Host: pcapp.store
Source: global trafficHTTP traffic detected: GET /pixel.gif?evt_src=fa_menu_store&evt_action=created&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&ncrd=1731360391937&user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/122.0.0.0%20Safari/537.36 HTTP/1.1Host: pcapp.storeConnection: keep-alivesec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /pixel.gif?evt_src=fa_settings&evt_action=created&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&ncrd=1731360391941&user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/122.0.0.0%20Safari/537.36 HTTP/1.1Host: pcapp.storeConnection: keep-alivesec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /pixel.gif?evt_src=fa_widget&evt_action=created&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&ncrd=1731360391946&user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/122.0.0.0%20Safari/537.36 HTTP/1.1Host: pcapp.storeConnection: keep-alivesec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /pixel.gif?evt_src=fa_menu_search&evt_action=created&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&ncrd=1731360391948&user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/122.0.0.0%20Safari/537.36 HTTP/1.1Host: pcapp.storeConnection: keep-alivesec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /pixel.gif?evt_src=fa_main_window&evt_action=created&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&ncrd=1731360391951&user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/122.0.0.0%20Safari/537.36 HTTP/1.1Host: pcapp.storeConnection: keep-alivesec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /pcapp/images/3rdparty/offer_1515_win10.png HTTP/1.1Host: repcdn.pcapp.storeConnection: keep-alivesec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /pixel.gif?evt_src=fa_offer&evt_action=created&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&ncrd=1731360391953&user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/122.0.0.0%20Safari/537.36 HTTP/1.1Host: pcapp.storeConnection: keep-alivesec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /pcapp/images/front_img/logo/logo-light.svg HTTP/1.1Host: repository.pcapp.storeConnection: keep-alivesec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /pixel.gif?evt_src=fa_topbar&evt_action=created&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&ncrd=1731360391956&user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/122.0.0.0%20Safari/537.36 HTTP/1.1Host: pcapp.storeConnection: keep-alivesec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8
Source: global trafficHTTP traffic detected: GET /pixel.gif?evt_src=fa_offer&evt_action=show_welcome&count_show=true&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&oid=1831&otype=startmenu&p=a&ncrd=1731360393879&user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/122.0.0.0%20Safari/537.36 HTTP/1.1Host: pcapp.storeConnection: keep-alivesec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: finishInstallInApp=done
Source: global trafficHTTP traffic detected: GET /pixel.gif?evt_src=fa_menu_store&evt_action=updated&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&ncrd=1731360393947&user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/122.0.0.0%20Safari/537.36 HTTP/1.1Host: pcapp.storeConnection: keep-alivesec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: finishInstallInApp=done
Source: global trafficHTTP traffic detected: GET /p.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_pcdetails&evt_action=ext_chrome&data=%5B%22ahfgeienlihckogmohjhadlkjgocpleb%22,%22gdaefkejpgkiemlaofpalmlakkmbjdnl%22,%22mhjfbmdgcfjbbpaeojofohoefgiehjai%22,%22neajdppkdcdipfabeoofebfddakdcjhd%22,%22nkeimhogjdpnpccoofpliimaahmaaome%22,%22nmmhkkegccagdldgiimedpiccmgmieda%22%5D&eng_time=1731365754036&nocache=5656875 HTTP/1.1Connection: Keep-AliveUser-Agent: WinHTTP 1.0Host: ev.pcapp.store
Source: global trafficHTTP traffic detected: GET /p.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=watch_dog&evt_action=signal_event&data={"counter":0,"rid":"20241111162608.285630578","isPCAppRunning":1,"isNWStoreRunning":1,"registryInfo":{"pcAppInAutostart":1},"filesystemInfo":{"uiFolderExists":1,"uiFilesCount":55,"nwjsFolderExists":1,"nwjsFilesCount":132,"AutoUpdaterExeExists":1,"PcAppStoreExeExists":1,"pcappstoreIcoExists":1,"UninstallerExeExists":1,"NW_storeExeExists":1,"startupFolderLnkExists":1}}&eng_time=1731360394&nocache=5546 HTTP/1.1Accept: */*UA-CPU: AMD64Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; Win64; x64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: d74queuslupub.cloudfront.netConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /pixel.gif?evt_src=fa_menu_store&evt_action=open_start_menu&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&ncrd=1731360394919&user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/122.0.0.0%20Safari/537.36 HTTP/1.1Host: pcapp.storeConnection: keep-alivesec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: finishInstallInApp=done
Source: global trafficHTTP traffic detected: GET /pixel.gif?evt_src=fa_menu_store&evt_action=show&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&ncrd=1731360395551&user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/122.0.0.0%20Safari/537.36 HTTP/1.1Host: pcapp.storeConnection: keep-alivesec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: finishInstallInApp=done
Source: global trafficHTTP traffic detected: GET /p.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_pcdetails&evt_action=ext_edge&data=%5B%22ahfgeienlihckogmohjhadlkjgocpleb%22,%22dgiklkfkllikcanfonkcabmbdfmgleag%22,%22fikbjbembnmfhppjfnmfkahdhfohhjmg%22,%22ghbmnnjooekpmoecnnnilnnbdlolhkhi%22,%22iglcjdemknebjbklcgkfaebgojjphkec%22,%22ihmafllikibpmigkcoadcmckbfhibefp%22,%22jdiccldimpdaibmpdkjnbmckianbfold%22,%22jmjflgjpcpepeafmmgdpfkogkghcpiha%22,%22mhjfbmdgcfjbbpaeojofohoefgiehjai%22,%22ncbjelpjchkpbikbpkcchkhkblodoama%22,%22nkeimhogjdpnpccoofpliimaahmaaome%22%5D&eng_time=1731365754051&nocache=5658546 HTTP/1.1Connection: Keep-AliveUser-Agent: WinHTTP 1.0Host: ev.pcapp.store
Source: global trafficHTTP traffic detected: GET /conf/v1/asgw/fpconfig.min.json HTTP/1.1Accept-Encoding: gzip, deflateHost: fp.msedge.netIf-None-Match: "392184522"Connection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /pixel.gif?evt_src=fa_menu_store&evt_action=close&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&ncrd=1731360397555&user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/122.0.0.0%20Safari/537.36 HTTP/1.1Host: pcapp.storeConnection: keep-alivesec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en-US;q=0.9,en;q=0.8Cookie: finishInstallInApp=done
Source: global trafficHTTP traffic detected: GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_product&evt_action=notify_widget_hide&&eng_time=1731365754139&nocache=5660187 HTTP/1.1Connection: Keep-AliveUser-Agent: WinHTTP 1.0Host: pcapp.store
Source: global trafficHTTP traffic detected: GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_product&evt_action=contextual_offer&&eng_time=1731365755291&nocache=5661750 HTTP/1.1Connection: Keep-AliveUser-Agent: WinHTTP 1.0Host: pcapp.store
Source: global trafficHTTP traffic detected: GET /apc/trans.gif?0aa5491d47a14825fdf2da9985333f54 HTTP/1.1Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept: image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5Accept-Language: en-CHAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: t-ring-s2.msedge.netConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /apc/trans.gif?2c895810ae34135d4c9853c3a313042c HTTP/1.1Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/InitAccept: image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5Accept-Language: en-CHAccept-Encoding: gzip, deflate, brUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045Host: bx-ring.msedge.netConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_auto_updater&evt_action=start&&eng_time=1731360410936&nocache=312218 HTTP/1.1Connection: Keep-AliveUser-Agent: WinHTTP 1.0Host: pcapp.store
Source: global trafficHTTP traffic detected: GET /fa_version.php?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&end_v=fa.1092c&nocache=312796 HTTP/1.1Accept: */*UA-CPU: AMD64Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; Win64; x64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: pcapp.storeConnection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_auto_updater&evt_action=end&&eng_time=1731360412294&nocache=313578 HTTP/1.1Connection: Keep-AliveUser-Agent: WinHTTP 1.0Host: pcapp.store
Source: global trafficHTTP traffic detected: GET /p.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=watch_dog&evt_action=signal_event&data={"counter":0,"rid":"20241111162608.285630578","isPCAppRunning":1,"isNWStoreRunning":1,"registryInfo":{"pcAppInAutostart":1},"filesystemInfo":{"uiFolderExists":1,"uiFilesCount":55,"nwjsFolderExists":1,"nwjsFilesCount":132,"AutoUpdaterExeExists":1,"PcAppStoreExeExists":1,"pcappstoreIcoExists":1,"UninstallerExeExists":1,"NW_storeExeExists":1,"startupFolderLnkExists":1}}&eng_time=1731360419&nocache=5625 HTTP/1.1Accept: */*UA-CPU: AMD64Accept-Encoding: gzip, deflateUser-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; Win64; x64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)Host: d74queuslupub.cloudfront.netConnection: Keep-Alive
Source: global traffic | DNS traffic detected: DNS query: pcapp.store
Source: global traffic | DNS traffic detected: DNS query: delivery.pcapp.store
Source: global traffic | DNS traffic detected: DNS query: repository.pcapp.store
Source: global traffic | DNS traffic detected: DNS query: analytics.google.com
Source: global traffic | DNS traffic detected: DNS query: stats.g.doubleclick.net
Source: global traffic | DNS traffic detected: DNS query: td.doubleclick.net
Source: global traffic | DNS traffic detected: DNS query: www.google.com
Source: global traffic | DNS traffic detected: DNS query: google.com
Source: global traffic | DNS traffic detected: DNS query: googleads.g.doubleclick.net
Source: global traffic | DNS traffic detected: DNS query: d74queuslupub.cloudfront.net
Source: global traffic | DNS traffic detected: DNS query: chrome.cloudflare-dns.com
Source: global traffic | DNS traffic detected: DNS query: ev.pcapp.store
Source: unknown | HTTP traffic detected: POST /inst_cpg.php?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&_fcid=1731354202975821&version=fa.1092c&src=pcapp_mini&uc=16le HTTP/1.1 | Content-Type: application/json | User-Agent: NSIS_wininet | Host: pcapp.store | Content-Length: 4668 | Cache-Control: no-cache
Source: global traffic | HTTP traffic detected: HTTP/1.1 404 Not Found | Server: nginx | Date: Mon, 11 Nov 2024 21:25:23 GMT | Content-Type: text/html; charset=UTF-8 | Transfer-Encoding: chunked | Connection: close | Vary: Accept-Encoding | Vary: Accept-Encoding
Source: chrome.exe, 00000002.00000002.4072083569.00001E300095C000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://safebrowsing.googleusercontent.com/safebrowsing/clientreport/chrome-certs
Source: chrome.exe, 00000002.00000002.4072083569.00001E300095C000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.google.com/dl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvYjhkYWYwZDctOTExOS00MGQ5LTgy
Source: chrome.exe, 00000002.00000002.4075340554.00001E3000CDC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.google.com/dl/release2/chrome_component/AMpg5-cnrANo_2018.8.8.0/2018.8.8.0_win64_win_thir
Source: chrome.exe, 00000002.00000002.4069337062.00001E3000670000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.google.com/dl/release2/chrome_component/V3P1l2hLvLw_7/7_all_sslErrorAssistant.crx3
Source: chrome.exe, 00000002.00000002.4064720639.00001E30000F0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.google.com/dl/release2/chrome_component/ac3jaavoltgfyc34eshs22baaooq_1128/efniojlnjndmcbi
Source: chrome.exe, 00000002.00000002.4072814833.00001E3000A38000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.google.com/dl/release2/chrome_component/ac6mhlwypzipnufijdvfyhdgvt4q_67/khaoiebndkojlmppe
Source: chrome.exe, 00000002.00000002.4064720639.00001E30000F0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.google.com/dl/release2/chrome_component/acaldksiunzh56452py2db5mnbpa_120.0.6050.0/jamhcnn
Source: chrome.exe, 00000002.00000002.4072083569.00001E300095C000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.google.com/dl/release2/chrome_component/acccxbt6wwsvpxzpob4hojndwkqq_4.10.2830.0/oimompec
Source: chrome.exe, 00000002.00000002.4064720639.00001E30000F0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.google.com/dl/release2/chrome_component/ad3skwo2srs5xchyxzz6ujgnedha_9.52.0/gcmjkmgdlgnkk
Source: chrome.exe, 00000002.00000002.4072083569.00001E300095C000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4064720639.00001E30000F0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.google.com/dl/release2/chrome_component/adm5fg7myczym5ugfpmw2lireirq_2024.11.8.0/gonpemdg
Source: chrome.exe, 00000002.00000002.4072814833.00001E3000A38000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.google.com/dl/release2/chrome_component/adpcjrzq66vnkuggykvi4ijjqtva_9291/hfnkpimlhhgiead
Source: chrome.exe, 00000002.00000002.4063950344.00001E3000044000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.google.com/dl/release2/chrome_component/adrga7eefaxjfdmmgfkiaxjg4yjq_2024.7.12.235938/eei
Source: chrome.exe, 00000002.00000002.4063950344.00001E3000044000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.google.com/dl/release2/chrome_component/cpx7rw4q3nwu7emczqf2w6cu7y_2023.3.30.1305/cocncan
Source: chrome.exe, 00000002.00000002.4072083569.00001E300095C000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.google.com/dl/release2/chrome_component/cxxqn654fg7hzrcrrnqcniqqye_2024.10.11.1/kiabhabjd
Source: chrome.exe, 00000002.00000002.4072083569.00001E300095C000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.google.com/dl/release2/chrome_component/imoffpf67hel7kbknqflao2oo4_1.0.2738.0/neifaoindgg
Source: chrome.exe, 00000002.00000002.4064873112.00001E3000120000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.google.com/dl/release2/chrome_component/j2hxfei2occ5siitujtlwgp6xi_3/ojhpjlocmbogdgmfpkhl
Source: chrome.exe, 00000002.00000002.4070095563.00001E3000748000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.google.com/dl/release2/chrome_component/kqmxxzhbsp5oqnjc3nlsphfboa_20241101.690810062.14/
Source: chrome.exe, 00000002.00000002.4064873112.00001E3000120000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.google.com/dl/release2/chrome_component/kuv6sxh4r3bgt6ctayzn6cl44e_3049/jflookgnkcckhobag
Source: chrome.exe, 00000002.00000002.4063950344.00001E3000044000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.google.com/dl/release2/chrome_component/p2zbkxfgkqyr6ljey2oe3bnzoy_2023.11.29.1201/ggkkeh
Source: chrome.exe, 00000002.00000002.4072397767.00001E30009BC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: http://www.gstatic.com/generate_204
Source: chrome.exe, 00000002.00000002.4074655990.00001E3000C0C000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://ac.ecosia.org/autocomplete?q=
Source: chrome.exe, 00000002.00000002.4064324434.00001E300008E000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://accountcapabilities-pa.googleapis.com/v1/accountcapabilities:batchGet
Source: chrome.exe, 00000002.00000002.4074035256.00001E3000B7C000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4070499271.00001E30007A0000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4067097256.00001E300040C000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com
Source: chrome.exe, 00000002.00000002.4070095563.00001E3000748000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4063895549.00001E3000024000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/
Source: chrome.exe, 00000002.00000002.4065649087.00001E30001C4000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/AddSession
Source: chrome.exe, 00000002.00000002.4065649087.00001E30001C4000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/Logout
Source: chrome.exe, 00000002.00000002.4065649087.00001E30001C4000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/Logout%
Source: chrome.exe, 00000002.00000002.4065649087.00001E30001C4000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/MergeSession
Source: chrome.exe, 00000002.00000002.4065649087.00001E30001C4000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/OAuthLogin
Source: chrome.exe, 00000002.00000002.4064467678.00001E30000A8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/embedded/setup/chrome/usermenu
Source: chrome.exe, 00000002.00000002.4064467678.00001E30000A8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/embedded/setup/kidsignin/chromeos
Source: chrome.exe, 00000002.00000002.4064467678.00001E30000A8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/embedded/setup/kidsignup/chromeos
Source: chrome.exe, 00000002.00000002.4064324434.00001E300008E000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/encryption/unlock/desktop?kdi=CAIaDgoKY2hyb21lc3luYxAB
Source: chrome.exe, 00000002.00000002.4065649087.00001E30001C4000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com:443
Source: chrome.exe, 00000002.00000002.4072986287.00001E3000A58000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://alling.p
Source: chrome.exe, 00000002.00000002.4060478233.00000205CF09D000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://analytics.google.com/g/collect?v=2&tid=G-VFQWFX3X1C&gtm=45je4b70v898645365za200&_p=173136032
Source: chrome.exe, 00000002.00000002.4074981161.00001E3000C58000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/4830
Source: chrome.exe, 00000002.00000002.4074981161.00001E3000C58000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/4830v
Source: chrome.exe, 00000002.00000002.4074981161.00001E3000C58000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/4966
Source: chrome.exe, 00000002.00000002.4074981161.00001E3000C58000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/5845
Source: chrome.exe, 00000002.00000002.4074981161.00001E3000C58000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/5845x
Source: chrome.exe, 00000002.00000002.4074981161.00001E3000C58000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/6574
Source: chrome.exe, 00000002.00000002.4074981161.00001E3000C58000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7161
Source: chrome.exe, 00000002.00000002.4074981161.00001E3000C58000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7162
Source: chrome.exe, 00000002.00000002.4074035256.00001E3000B7C000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7246
Source: chrome.exe, 00000002.00000002.4074981161.00001E3000C58000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7308
Source: chrome.exe, 00000002.00000002.4074035256.00001E3000B7C000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7319
Source: chrome.exe, 00000002.00000002.4074981161.00001E3000C58000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7320
Source: chrome.exe, 00000002.00000002.4074981161.00001E3000C58000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7320r
Source: chrome.exe, 00000002.00000002.4074981161.00001E3000C58000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7369
Source: chrome.exe, 00000002.00000002.4074981161.00001E3000C58000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7369e
Source: chrome.exe, 00000002.00000002.4074981161.00001E3000C58000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7382
Source: chrome.exe, 00000002.00000002.4074981161.00001E3000C58000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7489
Source: chrome.exe, 00000002.00000002.4074981161.00001E3000C58000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7604
Source: chrome.exe, 00000002.00000002.4074981161.00001E3000C58000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7714
Source: chrome.exe, 00000002.00000002.4074981161.00001E3000C58000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7847
Source: chrome.exe, 00000002.00000002.4074981161.00001E3000C58000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7899
Source: chrome.exe, 00000002.00000002.4074655990.00001E3000C0C000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://cdn.ecosia.org/assets/images/ico/favicon.ico
Source: chrome.exe, 00000002.00000002.4073507761.00001E3000ADC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://ch.search.yahoo.com/search
Source: chrome.exe, 00000002.00000002.4073507761.00001E3000ADC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://ch.search.yahoo.com/search?ei=&fr=crmas&p=
Source: chrome.exe, 00000002.00000002.4073507761.00001E3000ADC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://ch.search.yahoo.com/search?ei=&fr=crmas&p=searchTerms
Source: chrome.exe, 00000002.00000002.4069337062.00001E3000670000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://ch.search.yahoo.com/sugg/chrome?output=fxjson&appid=crmas&command=
Source: chrome.exe, 00000002.00000002.4077867237.00001E3000FC0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://chrome.google.coN
Source: chrome.exe, 00000002.00000002.4077867237.00001E3000FC0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://chrome.google.coNT
Source: chrome.exe, 00000002.00000002.4084640179.00001E3001900000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4068589830.00001E30005E8000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4069268333.00001E3000658000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://chrome.google.com/webstore
Source: chrome.exe, 00000002.00000002.4068589830.00001E30005E8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://chrome.google.com/webstore0
Source: chrome.exe, 00000002.00000002.4068589830.00001E30005E8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://chrome.google.com/webstore206E5
Source: chrome.exe, 00000002.00000002.4065649087.00001E30001C4000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4072397767.00001E30009BC000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4082403246.00001E30016E8000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4074726095.00001E3000C1C000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://chrome.google.com/webstore?hl=en
Source: chrome.exe, 00000002.00000002.4084640179.00001E3001900000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://chrome.google.com/webstoreLDDiscover
Source: chrome.exe, 00000002.00000002.4060606373.00000205CF0A0000.00000004.00000001.00040000.00000000.sdmp, chrome.exe, 00000002.00000002.4092316362.00004C0400918000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://chromekanonymity-pa.googleapis.com/
Source: chrome.exe, 00000002.00000002.4060606373.00000205CF0A0000.00000004.00000001.00040000.00000000.sdmp, chrome.exe, 00000002.00000002.4092316362.00004C0400918000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://chromekanonymityauth-pa.googleapis.com/
Source: chrome.exe, 00000002.00000002.4092316362.00004C0400918000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://chromekanonymityauth-pa.googleapis.com/KAnonymityServiceJoinRelayServerhttps://chromekanonym
Source: chrome.exe, 00000002.00000002.4092316362.00004C0400918000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://chromekanonymityquery-pa.googleapis.com/
Source: chrome.exe, 00000002.00000002.4060606373.00000205CF0A0000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://chromekanonymityquery-pa.googleapis.com/(
Source: chrome.exe, 00000002.00000002.4060606373.00000205CF0A0000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://chromekanonymityquery-pa.googleapis.com/(TrustTokenOperationsRequiringOriginTrial#all-operat
Source: chrome.exe, 00000002.00000002.4063793064.00001E300000C000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://chromewebstore.google.com/
Source: chrome.exe, 00000002.00000002.4065649087.00001E30001C4000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://classroom.googleapis.com/
Source: chrome.exe, 00000002.00000002.4065649087.00001E30001C4000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://classroom.googleapis.com/g%
Source: chrome.exe, 00000002.00000002.4064576340.00001E30000D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://clients2.google.com/service/update2/c
Source: chrome.exe, 00000002.00000002.4060478233.00000205CF09D000.00000004.00000001.00040000.00000000.sdmp, chrome.exe, 00000002.00000002.4081254559.00001E3001544000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4062968828.00000205D2C5D000.00000004.00000001.00040000.00000000.sdmp, chrome.exe, 00000002.00000002.4060260244.00000205CF06D000.00000004.00000001.00040000.00000000.sdmp, chrome.exe, 00000002.00000002.4075998333.00001E3000D5C000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4063895549.00001E3000024000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4063370975.00000205D2EAD000.00000004.00000001.00040000.00000000.sdmp, chrome.exe, 00000002.00000002.4079434297.00001E3001108000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4069268333.00001E3000658000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4060876902.00000205CF25D000.00000004.00000001.00040000.00000000.sdmp, chrome.exe, 00000002.00000002.4083365803.00001E30017E8000.00000004.00000001.00020000.00000000.sdmp, PcAppStore.exe, 0000000B.00000002.4051185282.000001C049AA4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://clients2.google.com/service/update2/crx
Source: chrome.exe, 00000002.00000002.4065649087.00001E30001C4000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://clients4.google.com/chrome-sync
Source: chrome.exe, 00000002.00000002.4065649087.00001E30001C4000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://clients4.google.com/chrome-sync/event
Source: chrome.exe, 00000002.00000002.4069588046.00001E30006DC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://clientservices.googleapis.com/chrome-variations/seed?osname=win&channel=stable&milestone=117
Source: chrome.exe, 00000002.00000002.4059920905.00000205CEDBD000.00000004.00000001.00040000.00000000.sdmp, chrome.exe, 00000002.00000002.4074871869.00001E3000C38000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4080408890.00001E300137C000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4077718120.00001E3000F88000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://csp.withgoogle.com/csp/clientupdate-aus/1
Source: chrome.exe, 00000002.00000002.4079498607.00001E3001118000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://csp.withgoogle.com/csp/clientupdate-aus/1Cache-Control:
Source: chrome.exe, 00000002.00000002.4059920905.00000205CEDBD000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://csp.withgoogle.com/csp/clientupdate-aus/1d
Source: chrome.exe, 00000002.00000002.4077760647.00001E3000F90000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4066478178.00001E3000300000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4073578547.00001E3000AF4000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://csp.withgoogle.com/csp/download-dt/1
Source: chrome.exe, 00000002.00000002.4077760647.00001E3000F90000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4066478178.00001E3000300000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4073578547.00001E3000AF4000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://csp.withgoogle.com/csp/download-dt/1Content-Security-Policy:
Source: chrome.exe, 00000002.00000002.4077760647.00001E3000F90000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4066478178.00001E3000300000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4073578547.00001E3000AF4000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://csp.withgoogle.com/csp/download-dt/1Content-Type:
Source: chrome.exe, 00000002.00000002.4077760647.00001E3000F90000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4073578547.00001E3000AF4000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://csp.withgoogle.com/csp/download-dt/1d
Source: Setup.exe, 00000000.00000002.2361344008.0000000002C2A000.00000004.00000020.00020000.00000000.sdmp, Setup.exe, 00000000.00000003.2359245400.0000000002C29000.00000004.00000020.00020000.00000000.sdmp, Setup.exe, 00000000.00000003.2358731878.0000000002BD4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://delivery.pcapp.store/
Source: Setup.exe, 00000000.00000002.2361277094.0000000002BD4000.00000004.00000020.00020000.00000000.sdmp, Setup.exe, 00000000.00000003.2358731878.0000000002BD4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://delivery.pcapp.store/G
Source: Setup.exe, 00000000.00000002.2359917051.00000000005B6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://delivery.pcapp.store/download.php?&src=mini_installer&file=1&mini_ver=&evt_src=fa_mini_insta
Source: Setup.exe, 00000000.00000002.2359482949.0000000000436000.00000004.00000001.01000000.00000003.sdmp, Setup.exe, 00000000.00000003.2358686908.0000000002C4F000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://delivery.pcapp.store/download.php?&src=mini_installer&file=1&mini_ver=ersion=fa.1092c&src=pc
Source: Setup.exe, 00000000.00000002.2359917051.00000000005B6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://delivery.pcapp.store/download.php?&src=mini_installer&file=1&mini_ver=fa.1092c
Source: Setup.exe, 00000000.00000002.2359917051.00000000005B6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://delivery.pcapp.store/download.php?&src=mini_installer&file=1&mini_ver=fa.1092c6
Source: Setup.exe, 00000000.00000002.2361277094.0000000002BD4000.00000004.00000020.00020000.00000000.sdmp, Setup.exe, 00000000.00000003.2358731878.0000000002BD4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://delivery.pcapp.store/g
Source: chrome.exe, 00000002.00000002.4072083569.00001E300095C000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://dl.google.com/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvYjhkYWYwZDctOTExOS00MGQ5LTgyNjA
Source: chrome.exe, 00000002.00000002.4078483667.00001E3001050000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://dl.google.com/release2/chrome_component/AMpg5-cnrANo_2018.8.8.0/2018.8.8.0_win64_win_third_p
Source: chrome.exe, 00000002.00000002.4069337062.00001E3000670000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://dl.google.com/release2/chrome_component/V3P1l2hLvLw_7/7_all_sslErrorAssistant.crx3
Source: chrome.exe, 00000002.00000002.4069337062.00001E3000670000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://dl.google.com/release2/chrome_component/V3P1l2hLvLw_7/7_all_sslErrorAssistant.crx338/
Source: chrome.exe, 00000002.00000002.4064873112.00001E3000120000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://dl.google.com/release2/chrome_component/ac3jaavoltgfyc34eshs22baaooq_1128/efniojlnjndmcbiiee
Source: chrome.exe, 00000002.00000002.4064873112.00001E3000120000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://dl.google.com/release2/chrome_component/ac6mhlwypzipnufijdvfyhdgvt4q_67/khaoiebndkojlmppeemj
Source: chrome.exe, 00000002.00000002.4064720639.00001E30000F0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://dl.google.com/release2/chrome_component/acaldksiunzh56452py2db5mnbpa_120.0.6050.0/jamhcnnkih
Source: chrome.exe, 00000002.00000002.4072083569.00001E300095C000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://dl.google.com/release2/chrome_component/acccxbt6wwsvpxzpob4hojndwkqq_4.10.2830.0/oimompecagn
Source: chrome.exe, 00000002.00000002.4064720639.00001E30000F0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://dl.google.com/release2/chrome_component/ad3skwo2srs5xchyxzz6ujgnedha_9.52.0/gcmjkmgdlgnkkcoc
Source: chrome.exe, 00000002.00000002.4072083569.00001E300095C000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4064720639.00001E30000F0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://dl.google.com/release2/chrome_component/adm5fg7myczym5ugfpmw2lireirq_2024.11.8.0/gonpemdgkjc
Source: chrome.exe, 00000002.00000002.4072814833.00001E3000A38000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://dl.google.com/release2/chrome_component/adpcjrzq66vnkuggykvi4ijjqtva_9291/hfnkpimlhhgieaddgf
Source: chrome.exe, 00000002.00000002.4073262780.00001E3000A8C000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://dl.google.com/release2/chrome_component/adrga7eefaxjfdmmgfkiaxjg4yjq_2024.7.12.235938/eeigpn
Source: chrome.exe, 00000002.00000002.4064720639.00001E30000F0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://dl.google.com/release2/chrome_component/cpx7rw4q3nwu7emczqf2w6cu7y_2023.3.30.1305/cocncanlea
Source: chrome.exe, 00000002.00000002.4072083569.00001E300095C000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://dl.google.com/release2/chrome_component/cxxqn654fg7hzrcrrnqcniqqye_2024.10.11.1/kiabhabjdbkj
Source: chrome.exe, 00000002.00000002.4072083569.00001E300095C000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://dl.google.com/release2/chrome_component/imoffpf67hel7kbknqflao2oo4_1.0.2738.0/neifaoindggfcj
Source: chrome.exe, 00000002.00000002.4072814833.00001E3000A38000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://dl.google.com/release2/chrome_component/j2hxfei2occ5siitujtlwgp6xi_3/ojhpjlocmbogdgmfpkhlaae
Source: chrome.exe, 00000002.00000002.4070095563.00001E3000748000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://dl.google.com/release2/chrome_component/kqmxxzhbsp5oqnjc3nlsphfboa_20241101.690810062.14/obe
Source: chrome.exe, 00000002.00000002.4064873112.00001E3000120000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://dl.google.com/release2/chrome_component/kuv6sxh4r3bgt6ctayzn6cl44e_3049/jflookgnkcckhobaglnd
Source: chrome.exe, 00000002.00000002.4063950344.00001E3000044000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://dl.google.com/release2/chrome_component/p2zbkxfgkqyr6ljey2oe3bnzoy_2023.11.29.1201/ggkkehgbn
Source: chrome.exe, 00000002.00000002.4066593480.00001E3000320000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://docs.goog
Source: chrome.exe, 00000002.00000002.4066593480.00001E3000320000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://docs.googl0
Source: chrome.exe, 00000002.00000002.4066593480.00001E3000320000.00000004.00000001.00020000.00000000.sdmp, PcAppStore.exe, 0000000B.00000002.4053197577.000001C04C0C9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/
00000002.00000002.4062517927.00000205D2AD3000.00000002.00000001.00040000.0000001E.sdmp, chrome.exe, 00000002.00000002.4080548586.00001E30013AB000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://pcapp.store/
Source: Setup.exe, 00000000.00000002.2359917051.00000000005F1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://pcapp.store/&src=mini_installer&file=1&mini_ver=fa.1092c
Source: chrome.exe, 00000002.00000002.4080082182.00001E30011C4000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4062517927.00000205D2AD3000.00000002.00000001.00040000.0000001E.sdmpString found in binary or memory: https://pcapp.store//
Source: chrome.exe, 00000002.00000002.4069268333.00001E3000658000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://pcapp.store/54202975821
Source: chrome.exe, 00000002.00000002.4069268333.00001E3000658000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4077063518.00001E3000F08000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4071793720.00001E3000914000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4073416631.00001E3000AC0000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4074726095.00001E3000C1C000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4078774518.00001E3001094000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4079140323.00001E30010E6000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4069195329.00001E300064C000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4064649346.00001E30000E0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://pcapp.store/?p=lpd_installing_r2&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&_fcid=17313542029
Source: Setup.exe, 00000000.00000002.2361344008.0000000002C2A000.00000004.00000020.00020000.00000000.sdmp, Setup.exe, 00000000.00000003.2359245400.0000000002C29000.00000004.00000020.00020000.00000000.sdmp, Setup.exe, 00000000.00000003.2358731878.0000000002BD4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://pcapp.store/F-&
Source: Setup.exe, 00000000.00000002.2359917051.00000000005F1000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://pcapp.store/LMEMH
Source: chrome.exe, 00000002.00000002.4074035256.00001E3000B7C000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4070499271.00001E30007A0000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4087350781.00001E3002CF4000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4083772699.00001E3001848000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4074981161.00001E3000C58000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4059920905.00000205CEDBD000.00000004.00000001.00040000.00000000.sdmp, chrome.exe, 00000002.00000002.4060876902.00000205CF257000.00000004.00000001.00040000.00000000.sdmp, chrome.exe, 00000002.00000002.4082831174.00001E300174C000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4074871869.00001E3000C38000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4079567181.00001E3001124000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4068993225.00001E3000628000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4069416126.00001E3000698000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4070571135.00001E30007C4000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://pcapp.store/api/api.php
Source: Setup.exe, 00000000.00000002.2361174841.0000000002BA7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://pcapp.store/c
Source: Setup.exe, 00000000.00000003.2173908309.0000000000677000.00000004.00000020.00020000.00000000.sdmp, Setup.exe, 00000000.00000002.2360094188.0000000000677000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://pcapp.store/inst_cpg.php?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&_fcid=1731354202975821&ve
Source: Setup.exe, 00000000.00000002.2359917051.00000000005B6000.00000004.00000020.00020000.00000000.sdmp, nsx2B3B.tmp, 00000009.00000002.2799043949.00000000005FC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://pcapp.store/installing.php?guid=&winver=
Source: chrome.exe, 00000002.00000002.4090795911.00004C04002F2000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://pcapp.store/installing.php?guid=2ED92742-89DC-DD72-92E8-
Source: chrome.exe, 00000002.00000002.4069268333.00001E3000658000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4082648573.00001E3001724000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://pcapp.store/installing.php?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&winver=19045&version=fa
Source: chrome.exe, 00000002.00000002.4078483667.00001E3001050000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://pcapp.store/js?id=G-VFQWFX3X1C
Source: chrome.exe, 00000002.00000002.4085993066.00001E30025F0000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4083925356.00001E3001870000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4080231332.00001E30011D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://pcapp.store/lp/appstore/img/favicon.ico
Source: chrome.exe, 00000002.00000002.4074106842.00001E3000B94000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://pcapp.store/lp/appstore/img/favicon.ico0
Source: chrome.exe, 00000002.00000002.4078483667.00001E3001050000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4079140323.00001E30010E6000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://pcapp.store/lp/lpd_installing_r2/src/lpd_installing_r2.min.js?nocache=1709636059406
Source: chrome.exe, 00000002.00000002.4072304420.00001E3000994000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://pcapp.store/p=lpd_installing_r2&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&_fcid=173135420297
Source: Setup.exe, 00000000.00000003.2358883269.0000000000607000.00000004.00000020.00020000.00000000.sdmp, Setup.exe, 00000000.00000002.2360094188.0000000000608000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://pcapp.store/pixel.gif?guid=
Source: Setup.exe, 00000000.00000003.2358731878.0000000002BD4000.00000004.00000020.00020000.00000000.sdmp, Setup.exe, 00000000.00000002.2359917051.000000000058A000.00000004.00000020.00020000.00000000.sdmp, Setup.exe, 00000000.00000002.2359917051.00000000005F1000.00000004.00000020.00020000.00000000.sdmp, nsx2B3B.tmp, 00000009.00000003.2679000643.000000000387B000.00000004.00000020.00020000.00000000.sdmp, nsx2B3B.tmp, 00000009.00000002.2799043949.0000000000620000.00000004.00000020.00020000.00000000.sdmp, nsx2B3B.tmp, 00000009.00000003.2672325931.000000000062D000.00000004.00000020.00020000.00000000.sdmp, nsx2B3B.tmp, 00000009.00000002.2799043949.000000000060F000.00000004.00000020.00020000.00000000.sdmp, nsx2B3B.tmp, 00000009.00000003.2672119306.000000000065D000.00000004.00000020.00020000.00000000.sdmp, nsx2B3B.tmp, 00000009.00000003.2672325931.0000000000657000.00000004.00000020.00020000.00000000.sdmp, nsx2B3B.tmp, 00000009.00000002.2799043949.0000000000657000.00000004.00000020.00020000.00000000.sdmp, PcAppStore.exe, 0000000B.00000002.4053197577.000001C04C059000.00000004.00000020.00020000.00000000.sdmp, PcAppStore.exe, 0000000B.00000002.4053197577.000001C04C0C9000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://pcapp.store/pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_
Source: chrome.exe, 00000002.00000002.4063793064.00001E300000C000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4081327322.00001E300155C000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4081918193.00001E30015F8000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4080231332.00001E30011D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://pcapp.store/pixelgif.php
Source: chrome.exe, 00000002.00000002.4081918193.00001E30015F8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://pcapp.store/pixelgif.php47a
Source: chrome.exe, 00000002.00000002.4081327322.00001E300155C000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4080231332.00001E30011D0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://pcapp.store/pixelgif.phpderValidator
Source: Setup.exe, 00000000.00000002.2359917051.00000000005B6000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://pcapp.store/privacy.html?guid=welhttps://pcapp.store/pixel.gif?guid=&version=&evt_src=fa_min
Source: Setup.exe, 00000000.00000002.2359917051.00000000005B6000.00000004.00000020.00020000.00000000.sdmp, nsx2B3B.tmp, 00000009.00000002.2799043949.00000000005FC000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://pcapp.store/tos.html?guid=
Source: chrome.exe, 00000002.00000002.4070499271.00001E30007A0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://pcapp.store:443
Source: chrome.exe, 00000002.00000002.4072397767.00001E30009BC000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4065124028.00001E3000154000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://pcapp.storeAccess-Control-Allow-Credentials:
Source: chrome.exe, 00000002.00000002.4066966859.00001E3000390000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://pcapp.storeAccess-Coro
Source: chrome.exe, 00000002.00000002.4082568992.00001E3001710000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://redirector.gvt1.com/edgedl/release2/chrome_component/AMpg5-cnrANo_2018.8.8.0/2018.8.8.0_win6
Source: chrome.exe, 00000002.00000002.4087350781.00001E3002CF4000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://redirector.gvt1.com/edgedl/release2/chrome_component/V3P1l2hLvLw_7/7_all_sslErrorAssistant.c
Source: chrome.exe, 00000002.00000002.4064324434.00001E300008E000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://safebrowsing.google.com/safebrowsing/clientreport/chrome-sct-auditing
Source: chrome.exe, 00000002.00000002.4075527338.00001E3000CFC000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4063370975.00000205D2EA7000.00000004.00000001.00040000.00000000.sdmp, chrome.exe, 00000002.00000002.4063370975.00000205D2EAD000.00000004.00000001.00040000.00000000.sdmp, chrome.exe, 00000002.00000002.4078336596.00001E3001038000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4060876902.00000205CF25D000.00000004.00000001.00040000.00000000.sdmp, chrome.exe, 00000002.00000002.4070571135.00001E30007C4000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://sandbox.google.com/
Source: chrome.exe, 00000002.00000002.4079434297.00001E3001108000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4060876902.00000205CF25D000.00000004.00000001.00040000.00000000.sdmp, PcAppStore.exe, 0000000B.00000002.4051185282.000001C049AA4000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://sandbox.google.com/payments/v4/js/integrator.js
Source: chrome.exe, 00000002.00000002.4064467678.00001E30000A8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://sctauditing-pa.googleapis.com/v1/knownscts/length/$1/prefix/$2?key=AIzaSyBOti4mM-6x9WDnZIjIe
Source: chrome.exe, 00000002.00000002.4065649087.00001E30001C4000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://securitydomain-pa.googleapis.com/v1/
Source: chrome.exe, 00000002.00000002.4072397767.00001E30009BC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://t0.gstatic.com/faviconV2
Source: chrome.exe, 00000002.00000002.4065649087.00001E30001C4000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://tasks.googleapis.com/
Source: chrome.exe, 00000002.00000002.4070198370.00001E3000765000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://td.doubleclick.net
Source: chrome.exe, 00000002.00000002.4079284680.00001E30010F0000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4079937129.00001E3001184000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://td.doubleclick.net/
Source: chrome.exe, 00000002.00000002.4070198370.00001E3000765000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://td.doubleclick.net/td/bjs
Source: chrome.exe, 00000002.00000002.4070198370.00001E3000765000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://td.doubleclick.net/td/bts
Source: chrome.exe, 00000002.00000002.4079498607.00001E3001118000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4060260244.00000205CF067000.00000004.00000001.00040000.00000000.sdmp, chrome.exe, 00000002.00000002.4065022202.00001E3000144000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4081549225.00001E3001598000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4074402653.00001E3000BD8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://td.doubleclick.net/td/ga/rul?tid=G-VFQWFX3X1C&gacid=367951386.1731360323&gtm=45je4b70v898645
Source: chrome.exe, 00000002.00000002.4080968413.00001E300151C000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4060876902.00000205CF25D000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://td.doubleclick.net/td/rul/858128210?random=1731360323996&cv=11&fst=1731360323996&fmt=3&bg=ff
Source: chrome.exe, 00000002.00000002.4080968413.00001E300151C000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://td.doubleclick.net/td/rul/858128210?random=1731360324075&cv=11&fst=1731360324075&fmt=3&bg=ff
Source: chrome.exe, 00000002.00000002.4060260244.00000205CF067000.00000004.00000001.00040000.00000000.sdmp, chrome.exe, 00000002.00000002.4082648573.00001E3001724000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4071793720.00001E3000914000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4060876902.00000205CF25D000.00000004.00000001.00040000.00000000.sdmp, chrome.exe, 00000002.00000002.4069771060.00001E300070C000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://td.doubleclick.net/td/rul/858128210?random=1731360324107&cv=11&fst=1731360324107&fmt=3&bg=ff
Source: chrome.exe, 00000002.00000002.4070198370.00001E3000765000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://td.doubleclick.net/td/update?ig_name=4s1387167454.1731360324
Source: chrome.exe, 00000002.00000002.4084893026.00001E3001970000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4079793409.00001E300117B000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://td.doubleclick.net4s1387167454.1731360324
Source: chrome.exe, 00000002.00000002.4079793409.00001E300117B000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://td.doubleclick.net4s1387167454.1731360324/
Source: chrome.exe, 00000002.00000002.4084425311.00001E30018DC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://td.doubleclick.nethttps://pcapp.store
Source: chrome.exe, 00000002.00000002.4084425311.00001E30018DC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://td.doubleclick.nethttps://pcapp.store/
Source: chrome.exe, 00000002.00000002.4084425311.00001E30018DC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://tdsf.doubleclick.net/td/adfetch/gda?adg_id=156786411258&cr_id=681164326060&cv_id=1&format=$
Source: chrome.exe, 00000002.00000002.4084425311.00001E30018DC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://tdsf.doubleclick.net/td/adfetch/gda?adg_id=156786411258&cr_id=681210400247&cv_id=2&format=$
Source: chrome.exe, 00000002.00000002.4084425311.00001E30018DC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://tdsf.doubleclick.net/td/adfetch/gda?adg_id=156786411258&cr_id=682239234212&cv_id=0&format=$
Source: chrome.exe, 00000002.00000002.4070198370.00001E3000765000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://tdsf.doubleclick.net/td/adfetch/gda?adg_id=163766597928
Source: chrome.exe, 00000002.00000002.4084425311.00001E30018DC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://tdsf.doubleclick.net/td/adfetch/gda?adg_id=163766597928&cr_id=68
Source: chrome.exe, 00000002.00000002.4084425311.00001E30018DC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://tdsf.doubleclick.net/td/adfetch/gda?adg_id=163766597928&cr_id=688766820411&cv_id=0&format=$
Source: chrome.exe, 00000002.00000002.4084425311.00001E30018DC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://tdsf.doubleclick.net/td/adfetch/gda?adg_id=163766597928&cr_id=688766820414&cv_id=0&format=$
Source: chrome.exe, 00000002.00000002.4084425311.00001E30018DC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://tdsf.doubleclick.net/td/adfetch/gda?adg_id=163766597928&cr_id=688766820429&cv_id=0&format=$
Source: chrome.exe, 00000002.00000002.4084425311.00001E30018DC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://tdsf.doubleclick.net/td/adfetch/gda?adg_id=163766597928&cr_id=688766820432&cv_id=0&f
Source: chrome.exe, 00000002.00000002.4084425311.00001E30018DC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://tdsf.doubleclick.net/td/adfetch/gda?adg_id=163766597928&cr_id=688766820432&cv_id=0&format=$
Source: chrome.exe, 00000002.00000002.4084425311.00001E30018DC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://tdsf.doubleclick.net/td/adfetch/gda?adg_id=163766597928&cr_id=688766820444&cv_id=0&format=$
Source: chrome.exe, 00000002.00000002.4084425311.00001E30018DC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://tdsf.doubleclick.net/td/adfetch/gda?adg_id=163766597928&cr_id=688766820450&cv_id=0&format=$
Source: chrome.exe, 00000002.00000002.4084425311.00001E30018DC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://tdsf.doubleclick.net/td/adfetch/gda?adg_id=163766597928&cr_id=688766820453&cv_id=0&format=$
Source: chrome.exe, 00000002.00000002.4084425311.00001E30018DC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://tdsf.doubleclick.net/td/adfetch/gda?adg_id=163766597928&cr_id=688766820456&cv_id=0&format=$
Source: chrome.exe, 00000002.00000002.4084425311.00001E30018DC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://tdsf.doubleclick.net/td/adfetch/gda?adg_id=163766597928&cr_id=688795175019&cv_id=0&format=$
Source: chrome.exe, 00000002.00000002.4084425311.00001E30018DC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://tdsf.doubleclick.net/td/adfetch/gda?adg_id=163766597928&cr_id=688917203998&cv_id=0&format=$
Source: chrome.exe, 00000002.00000002.4074655990.00001E3000C0C000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://update.googleapis.com/service/update2/json
Source: chrome.exe, 00000002.00000003.2829324495.00001E3000357000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000003.2829324495.00001E3000354000.00000004.00000800.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4076194024.00001E3000DC4000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://update.googleapis.com/service/update2/json?cup2key=13:LcxdtRJVikRThurCX5ecX7d603nvkLVaw9183z
Source: chrome.exe, 00000002.00000002.4074035256.00001E3000B7C000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.ecosia.org/newtab/
Source: chrome.exe, 00000002.00000002.4074655990.00001E3000C0C000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.ecosia.org/search?q=
Source: chrome.exe, 00000002.00000002.4074655990.00001E3000C0C000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.ecosia.org/search?q=&addon=opensearch
Source: chrome.exe, 00000002.00000002.4074655990.00001E3000C0C000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.ecosia.org/search?q=&addon=opensearchn=opensearch
Source: chrome.exe, 00000002.00000002.4077063518.00001E3000F08000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.google-analytics.com;report-uri
Source: chrome.exe, 00000002.00000002.4069268333.00001E3000658000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4060876902.00000205CF25D000.00000004.00000001.00040000.00000000.sdmp, chrome.exe, 00000002.00000002.4068993225.00001E3000628000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4069516729.00001E30006C8000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/
Source: chrome.exe, 00000002.00000002.4060478233.00000205CF09D000.00000004.00000001.00040000.00000000.sdmp, chrome.exe, 00000002.00000002.4062968828.00000205D2C5D000.00000004.00000001.00040000.00000000.sdmp, chrome.exe, 00000002.00000002.4060260244.00000205CF06D000.00000004.00000001.00040000.00000000.sdmp, chrome.exe, 00000002.00000002.4063370975.00000205D2EAD000.00000004.00000001.00040000.00000000.sdmp, chrome.exe, 00000002.00000002.4060876902.00000205CF25D000.00000004.00000001.00040000.00000000.sdmpString found in binary or memory: https://www.google.com/$
Source: chrome.exe, 00000002.00000002.4070499271.00001E30007A0000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4071793720.00001E3000914000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/chrome/tips/
Source: chrome.exe, 00000002.00000002.4070499271.00001E30007A0000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4071793720.00001E3000914000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/chrome/tips/gs
Source: chrome.exe, 00000002.00000002.4064720639.00001E30000F0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/dl/chromewebstore/L2Nocm9tZV9leHRlbnNpb24vYmxvYnMvYjhkYWYwZDctOTExOS00MGQ5LTg
Source: chrome.exe, 00000002.00000002.4075340554.00001E3000CDC000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/dl/release2/chrome_component/AMpg5-cnrANo_2018.8.8.0/2018.8.8.0_win64_win_thi
Source: chrome.exe, 00000002.00000002.4069337062.00001E3000670000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/dl/release2/chrome_component/V3P1l2hLvLw_7/7_all_sslErrorAssistant.crx3
Source: chrome.exe, 00000002.00000002.4064720639.00001E30000F0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/dl/release2/chrome_component/ac3jaavoltgfyc34eshs22baaooq_1128/efniojlnjndmcb
Source: chrome.exe, 00000002.00000002.4064873112.00001E3000120000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/dl/release2/chrome_component/ac6mhlwypzipnufijdvfyhdgvt4q_67/khaoiebndkojlmpp
Source: chrome.exe, 00000002.00000002.4064720639.00001E30000F0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/dl/release2/chrome_component/acaldksiunzh56452py2db5mnbpa_120.0.6050.0/jamhcn
Source: chrome.exe, 00000002.00000002.4072083569.00001E300095C000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/dl/release2/chrome_component/acccxbt6wwsvpxzpob4hojndwkqq_4.10.2830.0/oimompe
Source: chrome.exe, 00000002.00000002.4064720639.00001E30000F0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/dl/release2/chrome_component/ad3skwo2srs5xchyxzz6ujgnedha_9.52.0/gcmjkmgdlgnk
Source: chrome.exe, 00000002.00000002.4072083569.00001E300095C000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4064720639.00001E30000F0000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/dl/release2/chrome_component/adm5fg7myczym5ugfpmw2lireirq_2024.11.8.0/gonpemd
Source: chrome.exe, 00000002.00000002.4072814833.00001E3000A38000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/dl/release2/chrome_component/adpcjrzq66vnkuggykvi4ijjqtva_9291/hfnkpimlhhgiea
Source: chrome.exe, 00000002.00000002.4063950344.00001E3000044000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/dl/release2/chrome_component/adrga7eefaxjfdmmgfkiaxjg4yjq_2024.7.12.235938/ee
Source: chrome.exe, 00000002.00000002.4063950344.00001E3000044000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/dl/release2/chrome_component/cpx7rw4q3nwu7emczqf2w6cu7y_2023.3.30.1305/cocnca
Source: chrome.exe, 00000002.00000002.4072083569.00001E300095C000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/dl/release2/chrome_component/cxxqn654fg7hzrcrrnqcniqqye_2024.10.11.1/kiabhabj
Source: chrome.exe, 00000002.00000002.4072083569.00001E300095C000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/dl/release2/chrome_component/imoffpf67hel7kbknqflao2oo4_1.0.2738.0/neifaoindg
Source: chrome.exe, 00000002.00000002.4064873112.00001E3000120000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/dl/release2/chrome_component/j2hxfei2occ5siitujtlwgp6xi_3/ojhpjlocmbogdgmfpkh
Source: chrome.exe, 00000002.00000002.4065403152.00001E3000194000.00000004.00000001.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/dl/release2/chrome_component/kqmxxzhbsp5oqnjc3nlsphfboa_20241101.690810062.14
Source: unknownNetwork traffic detected: HTTP traffic on port 49815 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57567 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57534 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57528 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49778 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57522 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49755 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49738 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57610 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49705 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57519
Source: unknownNetwork traffic detected: HTTP traffic on port 57545 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57595 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57516
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57518
Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49804 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49744 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57520
Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 57521
Source: unknownNetwork traffic detected: HTTP traffic on port 57539 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57556 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57590 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 57584 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
Source: C:\Users\user\PCAppStore\PcAppStore.exe Windows user hook set: 0 mouse low level C:\Users\user\PCAppStore\PcAppStore.exe
Source: NW_store.exe.9.dr Static PE information: Number of sections : 13 > 10
Source: nw.dll.9.dr Static PE information: Number of sections : 15 > 10
Source: vk_swiftshader.dll.9.dr Static PE information: Number of sections : 11 > 10
Source: ffmpeg.dll.9.dr Static PE information: Number of sections : 11 > 10
Source: vulkan-1.dll.9.dr Static PE information: Number of sections : 11 > 10
Source: libEGL.dll.9.dr Static PE information: Number of sections : 12 > 10
Source: node.dll.9.dr Static PE information: Number of sections : 11 > 10
Source: nw_elf.dll.9.dr Static PE information: Number of sections : 14 > 10
Source: libGLESv2.dll.9.dr Static PE information: Number of sections : 12 > 10
Source: notification_helper.exe.9.dr Static PE information: Number of sections : 13 > 10
Source: Setup.exe, 00000000.00000002.2359482949.000000000040A000.00000004.00000001.01000000.00000003.sdmp Binary or memory string: OriginalFilenameinetc.dllF vs Setup.exe
Source: Setup.exe Static PE information: RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
Source: classification engine Classification label: mal57.spyw.evad.winEXE@40/242@39/18
Source: C:\Program Files\Google\Chrome\Application\chrome.exe File created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps
Source: C:\Users\user\Desktop\Setup.exe File created: C:\Users\user\AppData\Local\Temp\nsn14F1.tmp
Source: Setup.exe Static PE information: Section: .text IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
Source: C:\Users\user\Desktop\Setup.exe WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : Select Name from Win32_Processor
Source: C:\Users\user\Desktop\Setup.exe WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : Select MaxClockSpeed from Win32_Processor
Source: C:\Users\user\Desktop\Setup.exe WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : Select NumberOfCores from Win32_Processor
Source: C:\Users\user\Desktop\Setup.exe WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : Select NumberOfLogicalProcessors from Win32_Processor
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : Select Name from Win32_Processor
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : Select MaxClockSpeed from Win32_Processor
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : Select NumberOfCores from Win32_Processor
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp WMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : Select NumberOfLogicalProcessors from Win32_Processor
Source: C:\Users\user\Desktop\Setup.exe File read: C:\Users\desktop.ini
Source: C:\Users\user\Desktop\Setup.exe Key opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Safer\CodeIdentifiers
Source: C:\Users\user\Desktop\Setup.exe File read: C:\Users\user\Desktop\Setup.exe
Source: unknown Process created: C:\Users\user\Desktop\Setup.exe "C:\Users\user\Desktop\Setup.exe"
Source: C:\Users\user\Desktop\Setup.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://pcapp.store/installing.php?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&winver=19045&version=fa.1092c&nocache=20241111162518.134&_fcid=1731354202975821
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2084 --field-trial-handle=1904,i,16569833579586594677,17085664865935960481,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5176 --field-trial-handle=1904,i,16569833579586594677,17085664865935960481,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5332 --field-trial-handle=1904,i,16569833579586594677,17085664865935960481,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Users\user\Desktop\Setup.exe Process created: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp "C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp" /internal 1731354202975821 /force
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp Process created: C:\Users\user\PCAppStore\PcAppStore.exe "C:\Users\user\PCAppStore\PcAppStore.exe" /init default
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp Process created: C:\Users\user\PCAppStore\Watchdog.exe "C:\Users\user\PCAppStore\Watchdog.exe" /guid=2ED92742-89DC-DD72-92E8-869FA5A66493 /rid=20241111162608.285630578 /ver=fa.1092c
Source: C:\Windows\explorer.exe Process created: C:\Users\user\PCAppStore\PcAppStore.exe "C:\Users\user\PCAppStore\PCAppStore.exe" /init default
Source: C:\Users\user\Desktop\Setup.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://pcapp.store/installing.php?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&winver=19045&version=fa.1092c&nocache=20241111162518.134&_fcid=1731354202975821Jump to behavior
Source: C:\Users\user\Desktop\Setup.exeProcess created: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp "C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp" /internal 1731354202975821 /forceJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2084 --field-trial-handle=1904,i,16569833579586594677,17085664865935960481,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5176 --field-trial-handle=1904,i,16569833579586594677,17085664865935960481,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5332 --field-trial-handle=1904,i,16569833579586594677,17085664865935960481,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeProcess created: unknown unknownJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpProcess created: C:\Users\user\PCAppStore\PcAppStore.exe "C:\Users\user\PCAppStore\PcAppStore.exe" /init default Jump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpProcess created: C:\Users\user\PCAppStore\Watchdog.exe "C:\Users\user\PCAppStore\Watchdog.exe" /guid=2ED92742-89DC-DD72-92E8-869FA5A66493 /rid=20241111162608.285630578 /ver=fa.1092cJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeProcess created: unknown unknownJump to behavior
Source: C:\Windows\explorer.exeProcess created: C:\Users\user\PCAppStore\PcAppStore.exe "C:\Users\user\PCAppStore\PCAppStore.exe" /init default
Source: C:\Windows\explorer.exeProcess created: unknown unknown
Source: C:\Users\user\Desktop\Setup.exeSection loaded: apphelp.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: acgenral.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: winmm.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: samcli.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: msacm32.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: version.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: dwmapi.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: mpr.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: winmmbase.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: netutils.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: propsys.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: oleacc.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: shfolder.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: wldp.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: profapi.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: wbemcomn.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: amsi.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: wininet.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: secur32.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: mswsock.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: winnsi.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: dnsapi.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: rasadhlp.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: fwpuclnt.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: schannel.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: mskeyprotect.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: ntasn1.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: dpapi.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: rsaenh.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: gpapi.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: ncrypt.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: ncryptsslp.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: riched20.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: usp10.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: msls31.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: textinputframework.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: coreuicomponents.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: textshaping.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: windows.shell.servicehostbuilder.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: ieframe.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: netapi32.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: wkscli.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: windows.staterepositoryps.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: edputil.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: secur32.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: mlang.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: policymanager.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: msvcp110_win.dllJump to behavior
Source: C:\Users\user\Desktop\Setup.exeSection loaded: onecorecommonproxystub.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: uxtheme.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: apphelp.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: propsys.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: dwmapi.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: cryptbase.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: oleacc.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: ntmarta.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: version.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: shfolder.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: windows.storage.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: wldp.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: profapi.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: wbemcomn.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: amsi.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: wininet.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: iertutil.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: sspicli.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: winhttp.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: mswsock.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: iphlpapi.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: winnsi.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: dpapi.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: msasn1.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: cryptsp.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: rsaenh.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: gpapi.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: urlmon.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: srvcli.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: netutils.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: dnsapi.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: rasadhlp.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: fwpuclnt.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: schannel.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: mskeyprotect.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: ntasn1.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: ncrypt.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: ncryptsslp.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: dhcpcsvc.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: secur32.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: linkinfo.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: ntshrui.dllJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpSection loaded: cscapi.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: apphelp.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: urlmon.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: iertutil.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: srvcli.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: netutils.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: version.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: wlanapi.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: iphlpapi.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: winhttp.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: dwmapi.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: wtsapi32.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: secur32.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: profapi.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: sspicli.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: kernel.appcore.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: wbemcomn.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: amsi.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: userenv.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: webio.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: mswsock.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: winnsi.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: uxtheme.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: uiautomationcore.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: propsys.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: oleacc.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: coremessaging.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: coreuicomponents.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: ntmarta.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: wintypes.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: uiamanager.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: dnsapi.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: rasadhlp.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: fwpuclnt.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: schannel.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: mskeyprotect.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: ntasn1.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: ncrypt.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: ncryptsslp.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: msasn1.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: cryptsp.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: rsaenh.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: cryptbase.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: gpapi.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: dpapi.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: sxs.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: wbemcomn.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: windowscodecs.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: textinputframework.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: winsta.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: windows.ui.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: windowmanagementapi.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: inputhost.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: twinapi.appcore.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: twinapi.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: windows.storage.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: wldp.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: windows.shell.servicehostbuilder.dllJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
Source: C:\Users\user\PCAppStore\Watchdog.exeSection loaded: apphelp.dll
Source: C:\Users\user\PCAppStore\Watchdog.exeSection loaded: urlmon.dll
Source: C:\Users\user\PCAppStore\Watchdog.exeSection loaded: winhttp.dll
Source: C:\Users\user\PCAppStore\Watchdog.exeSection loaded: iertutil.dll
Source: C:\Users\user\PCAppStore\Watchdog.exeSection loaded: srvcli.dll
Source: C:\Users\user\PCAppStore\Watchdog.exeSection loaded: netutils.dll
Source: C:\Users\user\PCAppStore\Watchdog.exeSection loaded: windows.storage.dll
Source: C:\Users\user\PCAppStore\Watchdog.exeSection loaded: wldp.dll
Source: C:\Users\user\PCAppStore\Watchdog.exeSection loaded: kernel.appcore.dll
Source: C:\Users\user\PCAppStore\Watchdog.exeSection loaded: uxtheme.dll
Source: C:\Users\user\PCAppStore\Watchdog.exeSection loaded: wininet.dll
Source: C:\Users\user\PCAppStore\Watchdog.exeSection loaded: sspicli.dll
Source: C:\Users\user\PCAppStore\Watchdog.exeSection loaded: profapi.dll
Source: C:\Users\user\PCAppStore\Watchdog.exeSection loaded: ondemandconnroutehelper.dll
Source: C:\Users\user\PCAppStore\Watchdog.exeSection loaded: mswsock.dll
Source: C:\Users\user\PCAppStore\Watchdog.exeSection loaded: iphlpapi.dll
Source: C:\Users\user\PCAppStore\Watchdog.exeSection loaded: winnsi.dll
Source: C:\Users\user\PCAppStore\Watchdog.exeSection loaded: dnsapi.dll
Source: C:\Users\user\PCAppStore\Watchdog.exeSection loaded: rasadhlp.dll
Source: C:\Users\user\PCAppStore\Watchdog.exeSection loaded: fwpuclnt.dll
Source: C:\Users\user\PCAppStore\Watchdog.exeSection loaded: schannel.dll
Source: C:\Users\user\PCAppStore\Watchdog.exeSection loaded: mskeyprotect.dll
Source: C:\Users\user\PCAppStore\Watchdog.exeSection loaded: ntasn1.dll
Source: C:\Users\user\PCAppStore\Watchdog.exeSection loaded: msasn1.dll
Source: C:\Users\user\PCAppStore\Watchdog.exeSection loaded: dpapi.dll
Source: C:\Users\user\PCAppStore\Watchdog.exeSection loaded: cryptsp.dll
Source: C:\Users\user\PCAppStore\Watchdog.exeSection loaded: rsaenh.dll
Source: C:\Users\user\PCAppStore\Watchdog.exeSection loaded: cryptbase.dll
Source: C:\Users\user\PCAppStore\Watchdog.exeSection loaded: gpapi.dll
Source: C:\Users\user\PCAppStore\Watchdog.exeSection loaded: ncrypt.dll
Source: C:\Users\user\PCAppStore\Watchdog.exeSection loaded: ncryptsslp.dll
Source: C:\Windows\explorer.exeSection loaded: smartscreenps.dll
Source: C:\Windows\explorer.exeSection loaded: vcruntime140_1.dll
Source: C:\Windows\explorer.exeSection loaded: vcruntime140.dll
Source: C:\Windows\explorer.exeSection loaded: msvcp140.dll
Source: C:\Windows\explorer.exeSection loaded: vcruntime140.dll
Source: C:\Windows\explorer.exeSection loaded: capabilityaccessmanagerclient.dll
Source: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exeSection loaded: uiautomationcore.dll
Source: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exeSection loaded: propsys.dll
Source: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exeSection loaded: cryptbase.dll
Source: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exeSection loaded: oleacc.dll
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: urlmon.dll
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: iertutil.dll
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: srvcli.dll
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: netutils.dll
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: version.dll
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: wlanapi.dll
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: iphlpapi.dll
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: winhttp.dll
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: dwmapi.dll
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: wtsapi32.dll
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: secur32.dll
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: profapi.dll
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: sspicli.dll
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: kernel.appcore.dll
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: wbemcomn.dll
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: amsi.dll
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: userenv.dll
Source: C:\Users\user\PCAppStore\PcAppStore.exeSection loaded: ondemandconnroutehelper.dll
Source: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exeSection loaded: uiautomationcore.dll
Source: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exeSection loaded: propsys.dll
Source: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exeSection loaded: cryptbase.dll
Source: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exeSection loaded: oleacc.dll
Source: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exeSection loaded: uiautomationcore.dll
Source: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exeSection loaded: propsys.dll
Source: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exeSection loaded: cryptbase.dll
Source: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exeSection loaded: oleacc.dll
Source: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exeSection loaded: uiautomationcore.dll
Source: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exeSection loaded: propsys.dll
Source: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exeSection loaded: cryptbase.dll
Source: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exeSection loaded: oleacc.dll
Source: C:\Users\user\Desktop\Setup.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{1f486a52-3cb1-48fd-8f50-b8dc300d9f9d}\InProcServer32Jump to behavior
Source: Google Drive.lnk.2.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: YouTube.lnk.2.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Sheets.lnk.2.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Gmail.lnk.2.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Slides.lnk.2.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: Docs.lnk.2.drLNK file: ..\..\..\..\..\..\..\..\..\Program Files\Google\Chrome\Application\chrome_proxy.exe
Source: PC App Store.lnk.9.drLNK file: ..\..\..\..\..\..\PCAppStore\PcAppStore.exe
Source: Window RecorderWindow detected: More than 3 window changes detected
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpRegistry value created: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCAppStoreJump to behavior
Source: Setup.exeStatic PE information: certificate valid
Source: Setup.exeStatic PE information: DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
Source: Binary string: C:\Build\Build_1092c_D20241025T171023\fa_rss\Watchdog\x64\Release\Watchdog.pdb source: nsx2B3B.tmp, 00000009.00000002.2800509431.0000000002719000.00000004.00000020.00020000.00000000.sdmp, Watchdog.exe, 0000000C.00000002.4047676086.00007FF7D1ADA000.00000002.00000001.01000000.00000017.sdmp, Watchdog.exe, 0000000C.00000000.2696093430.00007FF7D1ADA000.00000002.00000001.01000000.00000017.sdmp
Source: Binary string: C:\Build\Build_1092c_D20241025T171023\fa_rss\AppStoreUpdater\Release\auto_updater.pdb1 source: nsx2B3B.tmp, 00000009.00000002.2800509431.0000000002E04000.00000004.00000020.00020000.00000000.sdmp
Source: Binary string: R:\JoeSecurity\trunk\src\windows\usermode\tools\FakeChrome\Release\Chrome.pdb source: GkiQFNeggQCCdOqsaJMVyEE.exe, 0000000F.00000000.2752370370.000000000034E000.00000002.00000001.01000000.0000001A.sdmp, GkiQFNeggQCCdOqsaJMVyEE.exe, 00000011.00000000.2754394429.000000000034E000.00000002.00000001.01000000.0000001A.sdmp, GkiQFNeggQCCdOqsaJMVyEE.exe, 00000012.00000002.4026359781.000000000034E000.00000002.00000001.01000000.0000001A.sdmp, GkiQFNeggQCCdOqsaJMVyEE.exe, 00000013.00000002.4026094885.000000000034E000.00000002.00000001.01000000.0000001A.sdmp, GkiQFNeggQCCdOqsaJMVyEE.exe, 00000014.00000002.4025945379.000000000034E000.00000002.00000001.01000000.0000001A.sdmp, GkiQFNeggQCCdOqsaJMVyEE.exe, 00000015.00000000.2768953481.000000000034E000.00000002.00000001.01000000.0000001A.sdmp, GkiQFNeggQCCdOqsaJMVyEE.exe, 00000016.00000000.2770730459.000000000034E000.00000002.00000001.01000000.0000001A.sdmp, GkiQFNeggQCCdOqsaJMVyEE.exe, 00000017.00000002.4024583252.000000000034E000.00000002.00000001.01000000.0000001A.sdmp, GkiQFNeggQCCdOqsaJMVyEE.exe, 00000018.00000000.2773480947.000000000034E000.00000002.00000001.01000000.0000001A.sdmp, GkiQFNeggQCCdOqsaJMVyEE.exe, 00000019.00000000.2776032591.000000000034E000.00000002.00000001.01000000.0000001A.sdmp, GkiQFNeggQCCdOqsaJMVyEE.exe, 0000001A.00000000.2779227483.000000000034E000.00000002.00000001.01000000.0000001A.sdmp, GkiQFNeggQCCdOqsaJMVyEE.exe, 0000001B.00000000.2781138726.000000000034E000.00000002.00000001.01000000.0000001A.sdmp, GkiQFNeggQCCdOqsaJMVyEE.exe, 0000001C.00000002.4028352129.000000000034E000.00000002.00000001.01000000.0000001A.sdmp, GkiQFNeggQCCdOqsaJMVyEE.exe, 0000001D.00000000.2787133777.000000000034E000.00000002.00000001.01000000.0000001A.sdmp, GkiQFNeggQCCdOqsaJMVyEE.exe, 0000001F.00000002.4025618045.000000000034E000.00000002.00000001.01000000.0000001A.sdmp, GkiQFNeggQCCdOqsaJMVyEE.exe, 00000020.00000000.2800034264.000000000034E000.00000002.00000001.01000000.0000001A.sdmp, 
GkiQFNeggQCCdOqsaJMVyEE.exe, 00000021.00000002.4029699030.000000000034E000.00000002.00000001.01000000.0000001A.sdmp, GkiQFNeggQCCdOqsaJMVyEE.exe, 00000022.00000002.4028626320.000000000034E000.00000002.00000001.01000000.0000001A.sdmp, GkiQFNeggQCCdOqsaJMVyEE.exe, 00000023.00000002.4026494922.000000000034E000.00000002.00000001.01000000.0000001A.sdmp, GkiQFNeggQCCdOqsaJMVyEE.exe, 00000024.00000000.2808430301.000000000034E000.00000002.00000001.01000000.0000001A.sdmp, GkiQFNeggQCCdOqsaJMVyEE.exe, 00000025.00000000.2810198371.000000000034E000.00000002.00000001.01000000.0000001A.sdmp, GkiQFNeggQCCdOqsaJMVyEE.exe, 00000026.00000002.4026676399.000000000034E000.00000002.00000001.01000000.0000001A.sdmp, GkiQFNeggQCCdOqsaJMVyEE.exe, 00000027.00000000.2812408471.000000000034E000.00000002.00000001.01000000.0000001A.sdmp, GkiQFNeggQCCdOqsaJMVyEE.exe, 00000028.00000002.4026385933.000000000034E000.00000002.00000001.01000000.0000001A.sdmp, GkiQFNeggQCCdOqsaJMVyEE.exe, 00000029.00000000.2819940539.000000000034E000.00000002.00000001.01000000.0000
Source: Binary string: C:\Users\zak\Downloads\Inetc\Unicode\Plugins\inetc.pdb source: Setup.exe, 00000000.00000002.2359482949.000000000040A000.00000004.00000001.01000000.00000003.sdmp
Source: Binary string: C:\Build\Build_1092c_D20241025T171023\fa_rss\engine\Release\PCAppStore.pdb source: nsx2B3B.tmp, 00000009.00000002.2800509431.0000000002B0D000.00000004.00000020.00020000.00000000.sdmp, PcAppStore.exe, 0000000B.00000000.2694749245.00007FF6E02EB000.00000002.00000001.01000000.00000016.sdmp, PcAppStore.exe, 0000000B.00000002.4057616607.00007FF6E02EB000.00000002.00000001.01000000.00000016.sdmp, PcAppStore.exe, 0000001E.00000002.2801012931.00007FF6E02EB000.00000002.00000001.01000000.00000016.sdmp, PcAppStore.exe, 0000001E.00000000.2793792938.00007FF6E02EB000.00000002.00000001.01000000.00000016.sdmp
Source: Binary string: C:\Build\Build_1092c_D20241025T171023\fa_rss\AppStoreUpdater\Release\auto_updater.pdb source: nsx2B3B.tmp, 00000009.00000002.2800509431.0000000002E04000.00000004.00000020.00020000.00000000.sdmp
Source: Setup.exeStatic PE information: real checksum: 0x3937f should be: 0x3361c
Source: NW_store.exe.9.drStatic PE information: real checksum: 0x0 should be: 0x23ab08
Source: System.dll.0.drStatic PE information: real checksum: 0x0 should be: 0x3d68
Source: System.dll.9.drStatic PE information: real checksum: 0x0 should be: 0x3d68
Source: vk_swiftshader.dll.9.drStatic PE information: real checksum: 0x0 should be: 0x44caa7
Source: ffmpeg.dll.9.drStatic PE information: real checksum: 0x0 should be: 0x1f8136
Source: nsJSON.dll.0.drStatic PE information: real checksum: 0x0 should be: 0x6718
Source: NSISFastLib.dll.0.drStatic PE information: real checksum: 0x0 should be: 0x30512
Source: inetc.dll.9.drStatic PE information: real checksum: 0x0 should be: 0x13c41
Source: vulkan-1.dll.9.drStatic PE information: real checksum: 0x0 should be: 0xe0b14
Source: nsJSON.dll.9.drStatic PE information: real checksum: 0x0 should be: 0x6718
Source: libEGL.dll.9.drStatic PE information: real checksum: 0x0 should be: 0x7ddc6
Source: Math.dll.9.drStatic PE information: real checksum: 0x0 should be: 0x155a8
Source: nw_elf.dll.9.drStatic PE information: real checksum: 0x0 should be: 0x124d11
Source: NSISFastLib.dll.9.drStatic PE information: real checksum: 0x0 should be: 0x30512
Source: inetc.dll.0.drStatic PE information: real checksum: 0x0 should be: 0x13c41
Source: libGLESv2.dll.9.drStatic PE information: real checksum: 0x0 should be: 0x7b9652
Source: notification_helper.exe.9.drStatic PE information: real checksum: 0x0 should be: 0x11edb8
Source: nsDialogs.dll.0.drStatic PE information: real checksum: 0x0 should be: 0x2f9b
Source: NW_store.exe.9.drStatic PE information: section name: .gxfg
Source: NW_store.exe.9.drStatic PE information: section name: .retplne
Source: NW_store.exe.9.drStatic PE information: section name: .voltbl
Source: NW_store.exe.9.drStatic PE information: section name: CPADinfo
Source: NW_store.exe.9.drStatic PE information: section name: _RDATA
Source: NW_store.exe.9.drStatic PE information: section name: malloc_h
Source: ffmpeg.dll.9.drStatic PE information: section name: .gxfg
Source: ffmpeg.dll.9.drStatic PE information: section name: .retplne
Source: ffmpeg.dll.9.drStatic PE information: section name: .voltbl
Source: ffmpeg.dll.9.drStatic PE information: section name: _RDATA
Source: libEGL.dll.9.drStatic PE information: section name: .gxfg
Source: libEGL.dll.9.drStatic PE information: section name: .retplne
Source: libEGL.dll.9.drStatic PE information: section name: .voltbl
Source: libEGL.dll.9.drStatic PE information: section name: _RDATA
Source: libEGL.dll.9.drStatic PE information: section name: malloc_h
Source: libGLESv2.dll.9.drStatic PE information: section name: .gxfg
Source: libGLESv2.dll.9.drStatic PE information: section name: .retplne
Source: libGLESv2.dll.9.drStatic PE information: section name: .voltbl
Source: libGLESv2.dll.9.drStatic PE information: section name: _RDATA
Source: libGLESv2.dll.9.drStatic PE information: section name: malloc_h
Source: node.dll.9.drStatic PE information: section name: .gxfg
Source: node.dll.9.drStatic PE information: section name: .retplne
Source: node.dll.9.drStatic PE information: section name: .voltbl
Source: node.dll.9.drStatic PE information: section name: _RDATA
Source: notification_helper.exe.9.drStatic PE information: section name: .gxfg
Source: notification_helper.exe.9.drStatic PE information: section name: .retplne
Source: notification_helper.exe.9.drStatic PE information: section name: .voltbl
Source: notification_helper.exe.9.drStatic PE information: section name: CPADinfo
Source: notification_helper.exe.9.drStatic PE information: section name: _RDATA
Source: notification_helper.exe.9.drStatic PE information: section name: malloc_h
Source: nw.dll.9.drStatic PE information: section name: .gxfg
Source: nw.dll.9.drStatic PE information: section name: .retplne
Source: nw.dll.9.drStatic PE information: section name: .rodata
Source: nw.dll.9.drStatic PE information: section name: .voltbl
Source: nw.dll.9.drStatic PE information: section name: CPADinfo
Source: nw.dll.9.drStatic PE information: section name: LZMADEC
Source: nw.dll.9.drStatic PE information: section name: _RDATA
Source: nw.dll.9.drStatic PE information: section name: malloc_h
Source: nw_elf.dll.9.drStatic PE information: section name: .crthunk
Source: nw_elf.dll.9.drStatic PE information: section name: .gxfg
Source: nw_elf.dll.9.drStatic PE information: section name: .retplne
Source: nw_elf.dll.9.drStatic PE information: section name: .voltbl
Source: nw_elf.dll.9.drStatic PE information: section name: CPADinfo
Source: nw_elf.dll.9.drStatic PE information: section name: _RDATA
Source: nw_elf.dll.9.drStatic PE information: section name: malloc_h
Source: vk_swiftshader.dll.9.drStatic PE information: section name: .gxfg
Source: vk_swiftshader.dll.9.drStatic PE information: section name: .retplne
Source: vk_swiftshader.dll.9.drStatic PE information: section name: .voltbl
Source: vk_swiftshader.dll.9.drStatic PE information: section name: _RDATA
Source: vulkan-1.dll.9.drStatic PE information: section name: .gxfg
Source: vulkan-1.dll.9.drStatic PE information: section name: .retplne
Source: vulkan-1.dll.9.drStatic PE information: section name: .voltbl
Source: vulkan-1.dll.9.drStatic PE information: section name: _RDATA
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpFile created: C:\Users\user\PCAppStore\nwjs\node.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpFile created: C:\Users\user\PCAppStore\nwjs\vk_swiftshader.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpFile created: C:\Users\user\PCAppStore\nwjs\nw_elf.dllJump to dropped file
Source: C:\Users\user\Desktop\Setup.exeFile created: C:\Users\user\AppData\Local\Temp\nsn14F2.tmp\NSISFastLib.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpFile created: C:\Users\user\PCAppStore\nwjs\vulkan-1.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpFile created: C:\Users\user\PCAppStore\Watchdog.exeJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpFile created: C:\Users\user\AppData\Local\Temp\nsl66CD.tmp\inetc.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpFile created: C:\Users\user\PCAppStore\PcAppStore.exeJump to dropped file
Source: C:\Users\user\Desktop\Setup.exeFile created: C:\Users\user\AppData\Local\Temp\nsn14F2.tmp\nsDialogs.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpFile created: C:\Users\user\PCAppStore\Uninstaller.exeJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpFile created: C:\Users\user\PCAppStore\nwjs\notification_helper.exeJump to dropped file
Source: C:\Users\user\Desktop\Setup.exeFile created: C:\Users\user\AppData\Local\Temp\nsn14F2.tmp\nsJSON.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpFile created: C:\Users\user\AppData\Local\Temp\nsl66CD.tmp\NSISFastLib.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpFile created: C:\Users\user\AppData\Local\Temp\nsl66CD.tmp\System.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpFile created: C:\Users\user\PCAppStore\nwjs\d3dcompiler_47.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpFile created: C:\Users\user\AppData\Local\Temp\nsl66CD.tmp\Math.dllJump to dropped file
Source: C:\Users\user\Desktop\Setup.exeFile created: C:\Users\user\AppData\Local\Temp\nsn14F2.tmp\System.dllJump to dropped file
Source: C:\Users\user\Desktop\Setup.exeFile created: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpFile created: C:\Users\user\PCAppStore\nwjs\libEGL.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpFile created: C:\Users\user\PCAppStore\nwjs\ffmpeg.dllJump to dropped file
Source: C:\Users\user\Desktop\Setup.exeFile created: C:\Users\user\AppData\Local\Temp\nsn14F2.tmp\inetc.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpFile created: C:\Users\user\PCAppStore\AutoUpdater.exeJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpFile created: C:\Users\user\PCAppStore\nwjs\NW_store.exeJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpFile created: C:\Users\user\PCAppStore\nwjs\libGLESv2.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpFile created: C:\Users\user\AppData\Local\Temp\nsl66CD.tmp\nsJSON.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpFile created: C:\Users\user\PCAppStore\nwjs\nw.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpFile created: C:\Users\user\PCAppStore\ui\static\js\2.801b9d83.chunk.js.LICENSE.txtJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpFile created: C:\Users\user\PCAppStore\ReadMe.txtJump to behavior

Boot Survival

Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run PcAppStoreUpdaterJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run WatchdogJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run PCAppStoreJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome AppsJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnkJump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exeFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnkJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpFile created: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnkJump to behavior
Source: C:\Users\user\Desktop\Setup.exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\AutoUpdateJump to behavior
Source: C:\Users\user\Desktop\Setup.exeRegistry key monitored for changes: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRootJump to behavior
Source: C:\Users\user\Desktop\Setup.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
Source: C:\Users\user\PCAppStore\PcAppStore.exeProcess information set: NOOPENFILEERRORBOX
Source: C:\Windows\explorer.exeProcess information set: NOOPENFILEERRORBOX

Malware Analysis System Evasion

Source: C:\Users\user\Desktop\Setup.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : Select Caption from Win32_DiskDrive
Source: C:\Users\user\Desktop\Setup.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : Select Size from Win32_DiskDrive
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : Select Caption from Win32_DiskDrive
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : Select Size from Win32_DiskDrive
Source: C:\Users\user\PCAppStore\Watchdog.exeThread delayed: delay time: 300000
Source: C:\Users\user\PCAppStore\PcAppStore.exeWindow / User API: threadDelayed 656
Source: C:\Users\user\PCAppStore\PcAppStore.exeWindow / User API: threadDelayed 2315
Source: C:\Users\user\PCAppStore\PcAppStore.exeWindow / User API: foregroundWindowGot 1461
Source: C:\Windows\explorer.exeWindow / User API: foregroundWindowGot 427
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpDropped PE file which has not been started: C:\Users\user\PCAppStore\nwjs\node.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpDropped PE file which has not been started: C:\Users\user\PCAppStore\nwjs\vk_swiftshader.dllJump to dropped file
Source: C:\Users\user\Desktop\Setup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsn14F2.tmp\nsJSON.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpDropped PE file which has not been started: C:\Users\user\PCAppStore\nwjs\nw_elf.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsl66CD.tmp\NSISFastLib.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsl66CD.tmp\System.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpDropped PE file which has not been started: C:\Users\user\PCAppStore\nwjs\d3dcompiler_47.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsl66CD.tmp\Math.dllJump to dropped file
Source: C:\Users\user\Desktop\Setup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsn14F2.tmp\NSISFastLib.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpDropped PE file which has not been started: C:\Users\user\PCAppStore\nwjs\vulkan-1.dllJump to dropped file
Source: C:\Users\user\Desktop\Setup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsn14F2.tmp\System.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpDropped PE file which has not been started: C:\Users\user\PCAppStore\nwjs\libEGL.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpDropped PE file which has not been started: C:\Users\user\PCAppStore\nwjs\ffmpeg.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsl66CD.tmp\inetc.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpDropped PE file which has not been started: C:\Users\user\PCAppStore\AutoUpdater.exeJump to dropped file
Source: C:\Users\user\Desktop\Setup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsn14F2.tmp\inetc.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpDropped PE file which has not been started: C:\Users\user\PCAppStore\nwjs\libGLESv2.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpDropped PE file which has not been started: C:\Users\user\PCAppStore\nwjs\NW_store.exeJump to dropped file
Source: C:\Users\user\Desktop\Setup.exeDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsn14F2.tmp\nsDialogs.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpDropped PE file which has not been started: C:\Users\user\AppData\Local\Temp\nsl66CD.tmp\nsJSON.dllJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpDropped PE file which has not been started: C:\Users\user\PCAppStore\Uninstaller.exeJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpDropped PE file which has not been started: C:\Users\user\PCAppStore\nwjs\notification_helper.exeJump to dropped file
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpDropped PE file which has not been started: C:\Users\user\PCAppStore\nwjs\nw.dllJump to dropped file
Source: C:\Users\user\PCAppStore\Watchdog.exe TID: 3008Thread sleep time: -120000s >= -30000s
Source: C:\Users\user\PCAppStore\Watchdog.exe TID: 7896Thread sleep time: -300000s >= -30000s
Source: C:\Users\user\PCAppStore\Watchdog.exe TID: 3008Thread sleep time: -60000s >= -30000s
Source: C:\Users\user\Desktop\Setup.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : Select ReleaseDate from Win32_BIOS
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : Select ReleaseDate from Win32_BIOS
Source: C:\Users\user\Desktop\Setup.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : Select UUID from Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Setup.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : Select Vendor from Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Setup.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : Select Version from Win32_ComputerSystemProduct
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : Select UUID from Win32_ComputerSystemProduct
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : Select Vendor from Win32_ComputerSystemProduct
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : Select Version from Win32_ComputerSystemProduct
Source: C:\Users\user\PCAppStore\PcAppStore.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_ComputerSystemProduct
Source: C:\Users\user\Desktop\Setup.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : Select Name from Win32_Processor
Source: C:\Users\user\Desktop\Setup.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : Select MaxClockSpeed from Win32_Processor
Source: C:\Users\user\Desktop\Setup.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : Select NumberOfCores from Win32_Processor
Source: C:\Users\user\Desktop\Setup.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : Select NumberOfLogicalProcessors from Win32_Processor
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : Select Name from Win32_Processor
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : Select MaxClockSpeed from Win32_Processor
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : Select NumberOfCores from Win32_Processor
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmpWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : Select NumberOfLogicalProcessors from Win32_Processor
Source: C:\Users\user\PCAppStore\Watchdog.exeLast function: Thread delayed
Source: C:\Users\user\PCAppStore\Watchdog.exeThread delayed: delay time: 60000
Source: C:\Users\user\PCAppStore\Watchdog.exeThread delayed: delay time: 300000
Source: C:\Users\user\PCAppStore\Watchdog.exeThread delayed: delay time: 60000
Source: C:\Users\user\Desktop\Setup.exe | Process information queried: ProcessInformation

HIPS / PFW / Operating System Protection Evasion

Source: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe | NtQueryAttributesFile: Direct from: 0x76EF2E6C
Source: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe | NtCreateMutant: Direct from: 0x76EF35CC
Source: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe | NtQueryVolumeInformationFile: Direct from: 0x76EF2F2C
Source: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe | NtMapViewOfSection: Direct from: 0x76EF2D1C
Source: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe | NtOpenSection: Direct from: 0x76EF2E0C
Source: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe | NtDeviceIoControlFile: Direct from: 0x76EF2AEC
Source: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe | NtAllocateVirtualMemory: Direct from: 0x76EF2BFC
Source: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe | NtAddAtomEx: Direct from: 0x76EF312C
Source: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe | NtQueryValueKey: Direct from: 0x76EF2BEC
Source: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe | NtSetInformationThread: Direct from: 0x76EF2ECC
Source: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe | NtCreateFile: Direct from: 0x76EF2FEC
Source: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe | NtOpenFile: Direct from: 0x76EF2DCC
Source: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe | NtQueryInformationProcess: Direct from: 0x76EF2C26
Source: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe | NtTerminateThread: Direct from: 0x76EF2FCC
Source: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe | NtOpenKeyEx: Direct from: 0x76EF3C9C
Source: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe | NtOpenKeyEx: Direct from: 0x76EF2B9C
Source: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe | NtClose: Direct from: 0x76EF2B6C
Source: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe | NtSetInformationProcess: Direct from: 0x76EF2C5C
Source: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe | NtReadVirtualMemory: Direct from: 0x76EF2E8C
Source: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe | NtProtectVirtualMemory: Direct from: 0x76EF2F9C
Source: C:\Users\user\Desktop\Setup.exe | Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://pcapp.store/installing.php?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&winver=19045&version=fa.1092c&nocache=20241111162518.134&_fcid=1731354202975821
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp | Queries volume information: C:\ VolumeInformation
Source: C:\Users\user\Desktop\Setup.exe | WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : Select displayName from AntiSpywareProduct
Source: C:\Users\user\Desktop\Setup.exe | WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : Select displayName from AntiVirusProduct
Source: C:\Users\user\Desktop\Setup.exe | WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : Select displayName from FirewallProduct
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp | WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : Select displayName from AntiSpywareProduct
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp | WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : Select displayName from AntiVirusProduct
Source: C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp | WMI Queries: IWbemServices::ExecQuery - ROOT\SecurityCenter2 : Select displayName from FirewallProduct

Stealing of Sensitive Information

Source: C:\Users\user\PCAppStore\PcAppStore.exe
File opened: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Source: pt-PT.pak.info.9.dr
Binary or memory string: IDS_WIN_8_1_OBSOLETE,943,../../chrome/app/chromium_strings.grd
Source: pt-PT.pak.info.9.dr
Binary or memory string: IDS_WIN_XP_VISTA_OBSOLETE,940,../../chrome/app/chromium_strings.grd
Source: pt-PT.pak.info.9.dr
Binary or memory string: IDS_WIN_8_OBSOLETE,942,../../chrome/app/chromium_strings.grd
Source: pt-PT.pak.info.9.dr
Binary or memory string: IDS_WIN_7_OBSOLETE,941,../../chrome/app/chromium_strings.grd
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | 141 Windows Management Instrumentation | 1 Windows Service | 1 Windows Service | 1 Masquerading | 1 OS Credential Dumping | 1 Query Registry | Remote Services | 1 Input Capture | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features
Credentials | Domains | Default Accounts | Scheduled Task/Job | 111 Registry Run Keys / Startup Folder | 12 Process Injection | 141 Virtualization/Sandbox Evasion | 1 Input Capture | 231 Security Software Discovery | Remote Desktop Protocol | 1 Data from Local System | 3 Ingress Tool Transfer | Exfiltration Over Bluetooth | Network Denial of Service
Email Addresses | DNS Server | Domain Accounts | At | 1 DLL Side-Loading | 1 Abuse Elevation Control Mechanism | 12 Process Injection | Security Account Manager | 2 Process Discovery | SMB/Windows Admin Shares | Data from Network Shared Drive | 4 Non-Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact
Employee Names | Virtual Private Server | Local Accounts | Cron | 1 DLL Search Order Hijacking | 111 Registry Run Keys / Startup Folder | 1 Abuse Elevation Control Mechanism | NTDS | 141 Virtualization/Sandbox Evasion | Distributed Component Object Model | Input Capture | 5 Application Layer Protocol | Traffic Duplication | Data Destruction
Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | 1 DLL Side-Loading | 1 DLL Side-Loading | LSA Secrets | 1 Application Window Discovery | SSH | Keylogging | Fallback Channels | Scheduled Transfer | Data Encrypted for Impact
Domain Properties | Botnet | Replication Through Removable Media | Scheduled Task | RC Scripts | 1 DLL Search Order Hijacking | 1 DLL Search Order Hijacking | Cached Domain Credentials | 1 File and Directory Discovery | VNC | GUI Input Capture | Multiband Communication | Data Transfer Size Limits | Service Stop
DNS | Web Services | External Remote Services | Systemd Timers | Startup Items | Startup Items | Compile After Delivery | DCSync | 132 System Information Discovery | Windows Remote Management | Web Portal Capture | Commonly Used Port | Exfiltration Over C2 Channel | Inhibit System Recovery
[Behavior graph: ID: 1554012, Sample: Setup.exe, Startdate: 11/11/2024, Architecture: WINDOWS, Score: 57]

Source | Detection | Scanner | Label | Link
Setup.exe | 100% | Joe Sandbox ML | |

Source | Detection | Scanner | Label | Link
C:\Users\user\AppData\Local\Temp\nsl66CD.tmp\Math.dll | 0% | ReversingLabs | |
C:\Users\user\AppData\Local\Temp\nsl66CD.tmp\NSISFastLib.dll | 0% | ReversingLabs | |
C:\Users\user\AppData\Local\Temp\nsl66CD.tmp\System.dll | 0% | ReversingLabs | |
C:\Users\user\AppData\Local\Temp\nsl66CD.tmp\inetc.dll | 0% | ReversingLabs | |
C:\Users\user\AppData\Local\Temp\nsl66CD.tmp\nsJSON.dll | 0% | ReversingLabs | |
C:\Users\user\AppData\Local\Temp\nsn14F2.tmp\NSISFastLib.dll | 0% | ReversingLabs | |
C:\Users\user\AppData\Local\Temp\nsn14F2.tmp\System.dll | 0% | ReversingLabs | |
C:\Users\user\AppData\Local\Temp\nsn14F2.tmp\inetc.dll | 0% | ReversingLabs | |
C:\Users\user\AppData\Local\Temp\nsn14F2.tmp\nsDialogs.dll | 0% | ReversingLabs | |
C:\Users\user\AppData\Local\Temp\nsn14F2.tmp\nsJSON.dll | 0% | ReversingLabs | |
C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp | 46% | ReversingLabs | Win32.PUA.Generic |
C:\Users\user\PCAppStore\AutoUpdater.exe | 5% | ReversingLabs | |
C:\Users\user\PCAppStore\PcAppStore.exe | 8% | ReversingLabs | |
C:\Users\user\PCAppStore\Uninstaller.exe | 29% | ReversingLabs | |
C:\Users\user\PCAppStore\Watchdog.exe | 5% | ReversingLabs | |
C:\Users\user\PCAppStore\nwjs\NW_store.exe | 0% | ReversingLabs | |
C:\Users\user\PCAppStore\nwjs\d3dcompiler_47.dll | 0% | ReversingLabs | |
C:\Users\user\PCAppStore\nwjs\ffmpeg.dll | 0% | ReversingLabs | |
C:\Users\user\PCAppStore\nwjs\libEGL.dll | 0% | ReversingLabs | |
C:\Users\user\PCAppStore\nwjs\libGLESv2.dll | 0% | ReversingLabs | |
C:\Users\user\PCAppStore\nwjs\node.dll | 0% | ReversingLabs | |
C:\Users\user\PCAppStore\nwjs\notification_helper.exe | 0% | ReversingLabs | |
C:\Users\user\PCAppStore\nwjs\nw.dll | 0% | ReversingLabs | |
C:\Users\user\PCAppStore\nwjs\nw_elf.dll | 0% | ReversingLabs | |
C:\Users\user\PCAppStore\nwjs\vk_swiftshader.dll | 0% | ReversingLabs | |
C:\Users\user\PCAppStore\nwjs\vulkan-1.dll | 0% | ReversingLabs | |
No Antivirus matches
No Antivirus matches
Source | Detection | Scanner | Label | Link
http://anglebug.com/2970rm | 0% | Avira URL Cloud | safe |
http://anglebug.com/3584p | 0% | Avira URL Cloud | safe |
http://anglebug.com/5881~ | 0% | Avira URL Cloud | safe |
https://chrome.google.coNT | 0% | Avira URL Cloud | safe |
http://anglebug.com/5881y | 0% | Avira URL Cloud | safe |
https://chrome.google.coN | 100% | Avira URL Cloud | malware |
https://pcapp.storeAccess-Coro | 0% | Avira URL Cloud | safe |
                                                                                                                                                      high
                                                                                                                                                      https://doubleclick.net/chrome.exe, 00000002.00000002.4081254559.00001E3001544000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4082126526.00001E30016B4000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4081327322.00001E300155C000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4082403246.00001E30016E8000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4074871869.00001E3000C38000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4083010974.00001E3001790000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                        high
                                                                                                                                                        http://anglebug.com/3625chrome.exe, 00000002.00000002.4073930362.00001E3000B68000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                          high
                                                                                                                                                          https://tdsf.doubleclick.net/td/adfetch/gda?adg_id=163766597928chrome.exe, 00000002.00000002.4070198370.00001E3000765000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                            high
                                                                                                                                                            http://anglebug.com/3624chrome.exe, 00000002.00000002.4073930362.00001E3000B68000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                              high
                                                                                                                                                              http://anglebug.com/3862chrome.exe, 00000002.00000002.4074981161.00001E3000C58000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                high
                                                                                                                                                                https://chrome.google.com/webstoreLDDiscoverchrome.exe, 00000002.00000002.4084640179.00001E3001900000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                  high
                                                                                                                                                                  https://payments.google.com/payments/v4/js/integrator.js?7https://sandbox.google.com/payments/v4/js/chrome.exe, 00000002.00000002.4060478233.00000205CF09D000.00000004.00000001.00040000.00000000.sdmp, chrome.exe, 00000002.00000002.4062968828.00000205D2C5D000.00000004.00000001.00040000.00000000.sdmp, chrome.exe, 00000002.00000002.4060260244.00000205CF06D000.00000004.00000001.00040000.00000000.sdmp, chrome.exe, 00000002.00000002.4063370975.00000205D2EAD000.00000004.00000001.00040000.00000000.sdmp, chrome.exe, 00000002.00000002.4060876902.00000205CF25D000.00000004.00000001.00040000.00000000.sdmpfalse
                                                                                                                                                                    high
                                                                                                                                                                    https://googletagmanager.com/chrome.exe, 00000002.00000002.4083661821.00001E3001828000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4082831174.00001E300174C000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                      high
                                                                                                                                                                      http://anglebug.com/4836chrome.exe, 00000002.00000002.4074981161.00001E3000C58000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                        high
                                                                                                                                                                        https://issuetracker.google.com/issues/166475273chrome.exe, 00000002.00000002.4074655990.00001E3000C0C000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                          high
                                                                                                                                                                          http://anglebug.com/2970rmchrome.exe, 00000002.00000002.4074981161.00001E3000C58000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                          • Avira URL Cloud: safe
                                                                                                                                                                          unknown
                                                                                                                                                                          https://dl.google.com/release2/chrome_component/cxxqn654fg7hzrcrrnqcniqqye_2024.10.11.1/kiabhabjdbkjchrome.exe, 00000002.00000002.4072083569.00001E300095C000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                            high
                                                                                                                                                                            https://td.doubleclick.net/td/rul/858128210?random=1731360323996&cv=11&fst=1731360323996&fmt=3&bg=ffchrome.exe, 00000002.00000002.4080968413.00001E300151C000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4060876902.00000205CF25D000.00000004.00000001.00040000.00000000.sdmpfalse
                                                                                                                                                                              high
                                                                                                                                                                              http://anglebug.com/3970chrome.exe, 00000002.00000002.4074981161.00001E3000C58000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                                high
                                                                                                                                                                                https://tdsf.doubleclick.net/td/adfetch/gda?adg_id=163766597928&cr_id=688766820444&cv_id=0&format=$chrome.exe, 00000002.00000002.4084425311.00001E30018DC000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                                  high
                                                                                                                                                                                  https://tdsf.doubleclick.net/td/adfetch/gda?adg_id=163766597928&cr_id=688795175019&cv_id=0&format=$chrome.exe, 00000002.00000002.4084425311.00001E30018DC000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                                    high
                                                                                                                                                                                    http://dl.google.com/release2/chrome_component/adm5fg7myczym5ugfpmw2lireirq_2024.11.8.0/gonpemdgkjcechrome.exe, 00000002.00000002.4072083569.00001E300095C000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4064720639.00001E30000F0000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                                      high
                                                                                                                                                                                      https://drive-daily-5.corp.gochrome.exe, 00000002.00000002.4066593480.00001E3000320000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                                        high
                                                                                                                                                                                        http://anglebug.com/5901chrome.exe, 00000002.00000002.4074981161.00001E3000C58000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                                          high
                                                                                                                                                                                          http://anglebug.com/3965chrome.exe, 00000002.00000002.4074981161.00001E3000C58000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                                            high
                                                                                                                                                                                            https://chrome.google.coNchrome.exe, 00000002.00000002.4077867237.00001E3000FC0000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                                            • Avira URL Cloud: malware
                                                                                                                                                                                            unknown
                                                                                                                                                                                            https://anglebug.com/7161chrome.exe, 00000002.00000002.4074981161.00001E3000C58000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                                              high
                                                                                                                                                                                              https://anglebug.com/7162chrome.exe, 00000002.00000002.4074981161.00001E3000C58000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                                                high
                                                                                                                                                                                                https://docs.google.com/spreadsheets/pHchrome.exe, 00000002.00000002.4069268333.00001E3000658000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                                                  high
                                                                                                                                                                                                  https://pcapp.store:443chrome.exe, 00000002.00000002.4070499271.00001E30007A0000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                                                    high
                                                                                                                                                                                                    https://pcapp.storeAccess-Corochrome.exe, 00000002.00000002.4066966859.00001E3000390000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                                                    • Avira URL Cloud: safe
                                                                                                                                                                                                    unknown
                                                                                                                                                                                                    http://anglebug.com/5906chrome.exe, 00000002.00000002.4074981161.00001E3000C58000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      high
                                                                                                                                                                                                      http://anglebug.com/2517chrome.exe, 00000002.00000002.4074981161.00001E3000C58000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                                                        high
                                                                                                                                                                                                        http://anglebug.com/4937chrome.exe, 00000002.00000002.4074981161.00001E3000C58000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                                                          high
                                                                                                                                                                                                          https://csp.withgoogle.com/csp/clientupdate-aus/1dchrome.exe, 00000002.00000002.4059920905.00000205CEDBD000.00000004.00000001.00040000.00000000.sdmpfalse
                                                                                                                                                                                                            high
                                                                                                                                                                                                            https://issuetracker.google.com/166809097chrome.exe, 00000002.00000002.4075269169.00001E3000CCC000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                                                              high
                                                                                                                                                                                                              https://www.google.com/dl/release2/chrome_component/p2zbkxfgkqyr6ljey2oe3bnzoy_2023.11.29.1201/ggkkechrome.exe, 00000002.00000002.4063950344.00001E3000044000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                high
                                                                                                                                                                                                                https://doubleclick.net/t/chrome.exe, 00000002.00000002.4081327322.00001E300155C000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4074871869.00001E3000C38000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                  high
                                                                                                                                                                                                                  https://lens.google.com/v3/uploadchrome.exe, 00000002.00000002.4060606373.00000205CF0A0000.00000004.00000001.00040000.00000000.sdmp, chrome.exe, 00000002.00000002.4092316362.00004C0400918000.00000004.00000001.00020000.00000000.sdmp, chrome.exe, 00000002.00000002.4092161000.00004C04008D8000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                    high
                                                                                                                                                                                                                    https://pcapp.store/js?id=G-VFQWFX3X1Cchrome.exe, 00000002.00000002.4078483667.00001E3001050000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                      high
                                                                                                                                                                                                                      http://anglebug.com/3832chrome.exe, 00000002.00000002.4074981161.00001E3000C58000.00000004.00000001.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                        high
IP | Domain | Country | Flag | ASN | ASN Name | Malicious
                                                                                                                                                                                                                        14135NAVISITE-EAST-2USfalse
                                                                                                                                                                                                                        37.19.194.80
                                                                                                                                                                                                                        1285660440.rsc.cdn77.orgUkraine
                                                                                                                                                                                                                        31343INTERTELECOMUAfalse
                                                                                                                                                                                                                        172.217.18.100
                                                                                                                                                                                                                        unknownUnited States
                                                                                                                                                                                                                        15169GOOGLEUSfalse
                                                                                                                                                                                                                        IP
                                                                                                                                                                                                                        192.168.2.5
                                                                                                                                                                                                                        192.168.2.15
Joe Sandbox version: 41.0.0 Charoite
Analysis ID: 1554012
Start date and time: 2024-11-11 22:24:12 +01:00
Joe Sandbox product: CloudBasic
Overall analysis duration: 0h 9m 44s
Hypervisor based Inspection enabled: false
Report type: full
Cookbook file name: default.jbs
Analysis system description: Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Run name: Run with higher sleep bypass
Number of analysed new started processes analysed: 16
Number of new started drivers analysed: 0
Number of existing processes analysed: 0
Number of existing drivers analysed: 0
Number of injected processes analysed: 28
Technologies:
• EGA enabled
• AMSI enabled
Analysis Mode: default
Analysis stop reason: Timeout
Sample name: Setup.exe
Detection: MAL
Classification: mal57.spyw.evad.winEXE@40/242@39/18
                                                                                                                                                                                                                        Cookbook Comments:
                                                                                                                                                                                                                        • Found application associated with file extension: .exe
                                                                                                                                                                                                                        • Sleeps bigger than 100000000ms are automatically reduced to 1000ms
                                                                                                                                                                                                                        • Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
                                                                                                                                                                                                                        • Excluded IPs from analysis (whitelisted): 142.250.186.78, 142.251.168.84, 142.250.184.195, 34.104.35.123, 142.250.185.202, 216.58.212.131, 172.217.18.104, 142.250.185.168, 142.250.186.136, 199.232.210.172, 192.229.221.95, 142.250.185.131, 142.250.186.138, 172.217.18.99, 93.184.221.240, 172.217.16.142, 142.250.80.99
                                                                                                                                                                                                                        • Excluded domains from analysis (whitelisted): fp.msedge.net, bx-ring.msedge.net, clients1.google.com, fonts.googleapis.com, fs.microsoft.com, accounts.google.com, otelrules.azureedge.net, slscr.update.microsoft.com, fonts.gstatic.com, ctldl.windowsupdate.com, t-ring-fdv2.msedge.net, t-ring-s2.msedge.net, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, www.googletagmanager.com, update.googleapis.com, clients.l.google.com, www.gstatic.com
                                                                                                                                                                                                                        • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                                        • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                                                                                        • Report size exceeded maximum capacity and may have missing network information.
                                                                                                                                                                                                                        • Report size getting too big, too many NtEnumerateKey calls found.
                                                                                                                                                                                                                        • Report size getting too big, too many NtOpenKey calls found.
                                                                                                                                                                                                                        • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                                        • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                                                                                                                        • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                                        • Report size getting too big, too many NtSetInformationFile calls found.
                                                                                                                                                                                                                        • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                                                                                                                                                        • VT rate limit hit for: Setup.exe
Time | Type | Description
16:28:07 | API Interceptor | 2816x Sleep call for process: PcAppStore.exe modified
22:26:09 | Autostart | Run: HKCU\Software\Microsoft\Windows\CurrentVersion\Run PCAppStore "C:\Users\user\PCAppStore\PCAppStore.exe" /init default
22:26:17 | Autostart | Run: HKCU\Software\Microsoft\Windows\CurrentVersion\Run PcAppStoreUpdater "C:\Users\user\PCAppStore\AutoUpdater.exe" /i
22:26:26 | Autostart | Run: HKCU\Software\Microsoft\Windows\CurrentVersion\Run Watchdog "C:\Users\user\PCAppStore\Watchdog.exe" /guid=2ED92742-89DC-DD72-92E8-869FA5A66493 /rid=20241111162608.285630578 /ver=fa.1092c
22:26:34 | Autostart | Run: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run PCAppStore "C:\Users\user\PCAppStore\PCAppStore.exe" /init default
22:26:42 | Autostart | Run: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run PcAppStoreUpdater "C:\Users\user\PCAppStore\AutoUpdater.exe" /i
22:26:50 | Autostart | Run: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run Watchdog "C:\Users\user\PCAppStore\Watchdog.exe" /guid=2ED92742-89DC-DD72-92E8-869FA5A66493 /rid=20241111162608.285630578 /ver=fa.1092c
Input | Output
URL: https://pcapp.store/?p=lpd_installing_r2&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&_fcid=1731354202975821&_winver=19045&version=fa.1092c Model: claude-3-haiku-20240307
```json
{
  "contains_trigger_text": true,
  "trigger_text": [
    "Calibrating buffers",
    "Painting the tiles",
    "Polishing the apps",
    "Stretching the pixels",
    "Herding the bits",
    "Summoning the digital spirits",
    "Entering the Matrix",
    "Adjusting the flux capacitor",
    "Beaming up the apps"
  ],
  "prominent_button_name": "unknown",
  "text_input_field_labels": "unknown",
  "pdf_icon_visible": false,
  "has_visible_captcha": false,
  "has_urgent_text": false,
  "has_visible_qrcode": false
}
```
URL: Model: claude-3-5-sonnet-latest
```json
{
    "typosquatting": false,
    "unusual_query_string": false,
    "suspicious_tld": true,
    "ip_in_url": false,
    "long_subdomain": false,
    "malicious_keywords": false,
    "encoded_characters": false,
    "redirection": false,
    "contains_email_address": false,
    "known_domain": false,
    "brand_spoofing_attempt": false,
    "third_party_hosting": false
}
```
URL: https://pcapp.store
                                                                                                                                                                                                                        URL: https://pcapp.store/?p=lpd_installing_r2&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&_fcid=1731354202975821&_winver=19045&version=fa.1092c Model: claude-3-haiku-20240307
                                                                                                                                                                                                                        ```json
                                                                                                                                                                                                                        {
                                                                                                                                                                                                                          "contains_trigger_text": true,
                                                                                                                                                                                                                          "trigger_text": [
                                                                                                                                                                                                                            "We're on it, hold on",
                                                                                                                                                                                                                            "Calibrating buffers",
                                                                                                                                                                                                                            "please wait, we need them to be perfectly aligned",
                                                                                                                                                                                                                            "Painting the tiles",
                                                                                                                                                                                                                            "we want them to look their best for you",
                                                                                                                                                                                                                            "Polishing the apps",
                                                                                                                                                                                                                            "we want them to shine",
                                                                                                                                                                                                                            "Stretching the pixels",
                                                                                                                                                                                                                            "because size matters",
                                                                                                                                                                                                                            "Herding the bits",
                                                                                                                                                                                                                            "they can be stubborn sometimes",
                                                                                                                                                                                                                            "Summoning the digital spirits",
                                                                                                                                                                                                                            "just kidding, we're just installing some apps",
                                                                                                                                                                                                                            "Entering the Matrix",
                                                                                                                                                                                                                            "don't worry, we'll be back soon",
                                                                                                                                                                                                                            "Adjusting the flux capacitor",
                                                                                                                                                                                                                            "we don't want any time-traveling bugs",
                                                                                                                                                                                                                            "Beaming up the apps"
                                                                                                                                                                                                                          ],
                                                                                                                                                                                                                          "prominent_button_name": "unknown",
                                                                                                                                                                                                                          "text_input_field_labels": "unknown",
                                                                                                                                                                                                                          "pdf_icon_visible": false,
                                                                                                                                                                                                                          "has_visible_captcha": false,
                                                                                                                                                                                                                          "has_urgent_text": false,
                                                                                                                                                                                                                          "has_visible_qrcode": false
                                                                                                                                                                                                                        }
URL: https://pcapp.store/?p=lpd_installing_r2&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&_fcid=1731354202975821&_winver=19045&version=fa.1092c Model: claude-3-haiku-20240307
```json
{
  "brands": [
    "PC APP STORE"
  ]
}
```
                                                                                                                                                                                                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                        147.182.211.77Setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                          Setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                            Setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                              Setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                Setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                  Setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                    Setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                      Setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                        Setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                          209.222.21.115Setup (1).exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                          • pcapp.store/notify_app_v2.php?guid=4D802742-3099-9C0E-C19B-2A23EA1FC420&lastid=0&lasttime=0&end_v=fa.1079b&nocache=6015250
                                                                                                                                                                                                                                          167.99.235.203Setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                            Setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                              Setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                https://pcapp.store/pixel.gifGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                  Setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                    Setup (1).exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                      MDE_File_Sample_c30dd28cb119f2aa20ddabe8968b8cadbe80bcb2.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                        nso7806.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                          http://classicshell.mediafire.com/file/d5llbbm8wu92jg8/ClassicShellSetup_4_3_1.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                            MDE_File_Sample_ba40401128d2ff2734a7e554120b7de438870654.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                              18.239.94.39https://hbagc.netGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                https://encr.pw/KE2tzGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                  1715720427.rsc.cdn77.orgSetupEngine.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 207.211.211.27
                                                                                                                                                                                                                                                                  https://veryfast.ioGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 169.150.255.183
                                                                                                                                                                                                                                                                  https://veryfast.ioGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 195.181.170.18
                                                                                                                                                                                                                                                                  Setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 195.181.170.18
                                                                                                                                                                                                                                                                  tKr6T60C1r.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 207.211.211.27
                                                                                                                                                                                                                                                                  https://pivotanimator.net/Download.phpGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 156.146.33.14
                                                                                                                                                                                                                                                                  Setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 138.199.37.37
                                                                                                                                                                                                                                                                  Setup (1).exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 195.181.170.19
                                                                                                                                                                                                                                                                  Setup (1).exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 89.187.173.11
                                                                                                                                                                                                                                                                  Setup (1).exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 37.19.206.5
                                                                                                                                                                                                                                                                  pcapp.storehttps://pivotanimator.net/Download.phpGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 45.32.1.23
                                                                                                                                                                                                                                                                  1285660440.rsc.cdn77.orgSetup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 207.211.211.27
                                                                                                                                                                                                                                                                  tKr6T60C1r.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 212.102.56.179
                                                                                                                                                                                                                                                                  Setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 138.199.37.37
                                                                                                                                                                                                                                                                  Setup (1).exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 156.146.33.138
                                                                                                                                                                                                                                                                  Setup (1).exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 89.187.173.13
                                                                                                                                                                                                                                                                  MDE_File_Sample_c30dd28cb119f2aa20ddabe8968b8cadbe80bcb2.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 89.187.173.11
                                                                                                                                                                                                                                                                  Setup.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 89.187.183.11
                                                                                                                                                                                                                                                                  MDE_File_Sample_ba40401128d2ff2734a7e554120b7de438870654.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 37.19.206.5
                                                                                                                                                                                                                                                                  chrome.cloudflare-dns.comfile.exeGet hashmaliciousAmadey, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                  • 162.159.61.3
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousPureCrypter, LummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                  • 162.159.61.3
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                  • 172.64.41.3
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousPureCrypter, LummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                  • 162.159.61.3
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousPureCrypter, LummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                  • 172.64.41.3
                                                                                                                                                                                                                                                                  SAFAIR - MDE_File_Sample_c4fda6eee21550785a1c89ce291a2d3072e0ed9b.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 162.159.61.3
                                                                                                                                                                                                                                                                  rPO3799039985.exeGet hashmaliciousRemcos, GuLoaderBrowse
                                                                                                                                                                                                                                                                  • 172.64.41.3
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousPureCrypter, LummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                  • 162.159.61.3
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousPureCrypter, LummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                  • 172.64.41.3
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousPureCrypter, LummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                  • 172.64.41.3
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context
                                                                                                                                                                                                                                                                  • 204.79.197.222
                                                                                                                                                                                                                                                                  • 13.107.246.45
                                                                                                                                                                                                                                                                  • 184.28.90.27
                                                                                                                                                                                                                                                                  • 13.107.213.254
                                                                                                                                                                                                                                                                  https://xblgo.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 4.175.87.197
                                                                                                                                                                                                                                                                  • 150.171.73.254
                                                                                                                                                                                                                                                                  • 23.1.237.91
                                                                                                                                                                                                                                                                  • 204.79.197.222
                                                                                                                                                                                                                                                                  • 13.107.246.45
                                                                                                                                                                                                                                                                  • 184.28.90.27
                                                                                                                                                                                                                                                                  • 13.107.213.254
                                                                                                                                                                                                                                                                  https://u34251876.ct.sendgrid.net/ls/click?upn=u001.ordJ57g0HVndDa8Km-2BVUUFN1eIn5tdzIxrKbgsGfF9eVdl7b-2Fab-2BrUBdfIXH9yijR5LLM7kgivkgUI3nC3VajM00UDrq4ekI2XREqo0QmHcHyDyYWomvx9-2FHEtQ3o5rBM9AHzVSsjnwFSEJqic-2BEtw-3D-3DBxNa_qINdfz5Lp8EahgxJXfgGV-2Bk7caEgTUs2gtUTKNMgBkZ9mbVIMd-2B1UUN0TqdRRGrocW81C18onNWNx5Y6KM88Rr7odKCqMhALUPuUbXGlkOo01sEKeKdphXRhykHXKfSB-2By1s-2BNAgCL9-2BbtY8LNaKNV0sXQnlv-2F9fA-2BLZtaeadaVGHb32bFHhcOwS3ltfr2dig92MY6M8DrwwYiolgI1k4Q-3D-3DGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 4.175.87.197
                                                                                                                                                                                                                                                                  • 150.171.73.254
                                                                                                                                                                                                                                                                  • 23.1.237.91
                                                                                                                                                                                                                                                                  • 204.79.197.222
                                                                                                                                                                                                                                                                  • 13.107.246.45
                                                                                                                                                                                                                                                                  • 184.28.90.27
                                                                                                                                                                                                                                                                  • 13.107.213.254
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousPureCrypter, LummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                  • 4.175.87.197
                                                                                                                                                                                                                                                                  • 150.171.73.254
                                                                                                                                                                                                                                                                  • 23.1.237.91
                                                                                                                                                                                                                                                                  • 204.79.197.222
                                                                                                                                                                                                                                                                  • 13.107.246.45
                                                                                                                                                                                                                                                                  • 184.28.90.27
                                                                                                                                                                                                                                                                  • 13.107.213.254
                                                                                                                                                                                                                                                                  http://invoicehome.uk/invoice.zipGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 4.175.87.197
                                                                                                                                                                                                                                                                  • 150.171.73.254
                                                                                                                                                                                                                                                                  • 23.1.237.91
                                                                                                                                                                                                                                                                  • 204.79.197.222
                                                                                                                                                                                                                                                                  • 13.107.246.45
                                                                                                                                                                                                                                                                  • 184.28.90.27
                                                                                                                                                                                                                                                                  • 13.107.213.254
                                                                                                                                                                                                                                                                  https://vinculocomputer.com/run/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 4.175.87.197
                                                                                                                                                                                                                                                                  • 150.171.73.254
                                                                                                                                                                                                                                                                  • 23.1.237.91
                                                                                                                                                                                                                                                                  • 204.79.197.222
                                                                                                                                                                                                                                                                  • 13.107.246.45
                                                                                                                                                                                                                                                                  • 184.28.90.27
                                                                                                                                                                                                                                                                  • 13.107.213.254
                                                                                                                                                                                                                                                                  https://www.hopp.bio/hawksridgefarmsGet hashmaliciousMamba2FABrowse
                                                                                                                                                                                                                                                                  • 4.175.87.197
                                                                                                                                                                                                                                                                  • 150.171.73.254
                                                                                                                                                                                                                                                                  • 23.1.237.91
                                                                                                                                                                                                                                                                  • 204.79.197.222
                                                                                                                                                                                                                                                                  • 13.107.246.45
                                                                                                                                                                                                                                                                  • 184.28.90.27
                                                                                                                                                                                                                                                                  • 13.107.213.254
                                                                                                                                                                                                                                                                  file.exeGet hashmaliciousLummaC, Amadey, LummaC Stealer, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                  • 4.175.87.197
                                                                                                                                                                                                                                                                  • 150.171.73.254
                                                                                                                                                                                                                                                                  • 23.1.237.91
                                                                                                                                                                                                                                                                  • 204.79.197.222
                                                                                                                                                                                                                                                                  • 13.107.246.45
                                                                                                                                                                                                                                                                  • 184.28.90.27
                                                                                                                                                                                                                                                                  • 13.107.213.254
                                                                                                                                                                                                                                                                  https://9lrcO5435enkIg6bUCf.duzl.de/9lrcO/enkIg6bUCf/n6tpnsszmdaibMhCn01b1b7xgen/9lrcO/enkIg6bUCf/Michael+AF8-jakubek/5435/qvc.com/n6tpnsszmdaibMhCn01b+ACI-Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                  • 4.175.87.197
                                                                                                                                                                                                                                                                  • 150.171.73.254
                                                                                                                                                                                                                                                                  • 23.1.237.91
                                                                                                                                                                                                                                                                  • 204.79.197.222
                                                                                                                                                                                                                                                                  • 13.107.246.45
                                                                                                                                                                                                                                                                  • 184.28.90.27
                                                                                                                                                                                                                                                                  • 13.107.213.254
                                                                                                                                                                                                                                                                  54328bd36c14bd82ddaa0c04b25ed9ad1731350144bd4661a80b2f6df430a3ec80a1cea4bfcea08062cabca8156532cd5eb6ec3f57216.dat-decoded.exeGet hashmaliciousSnake Keylogger, VIP KeyloggerBrowse
                                                                                                                                                                                                                                                                  • 167.99.235.203
                                                                                                                                                                                                                                                                  Curriculum Vitae Estrella Torres.exeGet hashmaliciousSnake KeyloggerBrowse
                                                                                                                                                                                                                                                                  • 167.99.235.203
                                                                                                                                                                                                                                                                  Factura Honorarios 2024-11-04.exeGet hashmaliciousGuLoader, Snake KeyloggerBrowse
                                                                                                                                                                                                                                                                  • 167.99.235.203
                                                                                                                                                                                                                                                                  CERTIFICADO TITULARIDAD.exeGet hashmaliciousGuLoader, Snake KeyloggerBrowse
                                                                                                                                                                                                                                                                  • 167.99.235.203
                                                                                                                                                                                                                                                                  CkHXjQGPA5.exeGet hashmaliciousSnake KeyloggerBrowse
                                                                                                                                                                                                                                                                  • 167.99.235.203
                                                                                                                                                                                                                                                                  QNiXvaE3ps.exeGet hashmaliciousSnake KeyloggerBrowse
                                                                                                                                                                                                                                                                  • 167.99.235.203
                                                                                                                                                                                                                                                                  N8Sriy2UsP.exeGet hashmaliciousSnake KeyloggerBrowse
                                                                                                                                                                                                                                                                  • 167.99.235.203
                                                                                                                                                                                                                                                                  Ref#130709.vbeGet hashmaliciousMassLogger RATBrowse
                                                                                                                                                                                                                                                                  • 167.99.235.203
                                                                                                                                                                                                                                                                  Quotation.exeGet hashmaliciousMassLogger RAT, PureLog StealerBrowse
                                                                                                                                                                                                                                                                  • 167.99.235.203
                                                                                                                                                                                                                                                                  hesaphareketi-01.exeGet hashmaliciousSnake KeyloggerBrowse
                                                                                                                                                                                                                                                                  • 167.99.235.203
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context
C:\Users\user\AppData\Local\Temp\nsl66CD.tmp\Math.dll | Setup.exe | Get hash | malicious | Unknown | Browse |
 | Setup.exe | Get hash | malicious | Unknown | Browse |
 | Setup.exe | Get hash | malicious | Unknown | Browse |
 | Setup.exe | Get hash | malicious | Unknown | Browse |
 | Setup.exe | Get hash | malicious | Unknown | Browse |
 | Setup.exe | Get hash | malicious | Unknown | Browse |
 | Setup.exe | Get hash | malicious | Unknown | Browse |
 | https://pcapp.store/pixel.gif | Get hash | malicious | Unknown | Browse |
 | Setup.exe | Get hash | malicious | Unknown | Browse |
Process: C:\Windows\explorer.exe
File Type: data
Category: dropped
Size (bytes): 112680
Entropy (8bit): 4.022714474628812
Encrypted: false
SSDEEP: 768:fxlMrkbGwTDkrkPnjk0ZdHHzS4XNcL6roQjCILZP1PER1v4jtN5GmWypye2t358K:8khD7XHHzS4eQ3hvigG4nv1hF4KHjk
MD5: 96F483430EAE3B69AA4E1FAC8DE4921A
SHA1: 2CDDC52AA4835667B2D85852EE6A061A538E91D4
SHA-256: 2E873392FC44EAF173306BB61A0617E4180BE115F2B3A3EF8368955AC2B2A3B0
SHA-512: 28C05399C36A753760295B40734B35B681934A17EFBAD19154AE7DF9FDB4B0F7792F4A5306FA372F85C0B62CDD4DDF062850E079B00AF69A87184417E6F8A376
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\PCAppStore\Watchdog.exe
                                                                                                                                                                                                                                                                                    File Type:GIF image data, version 89a, 1 x 1
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):42
                                                                                                                                                                                                                                                                                    Entropy (8bit):2.9881439641616536
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:3:CUXPQE/xlEy:1QEoy
                                                                                                                                                                                                                                                                                    MD5:D89746888DA2D9510B64A9F031EAECD5
                                                                                                                                                                                                                                                                                    SHA1:D5FCEB6532643D0D84FFE09C40C481ECDF59E15A
                                                                                                                                                                                                                                                                                    SHA-256:EF1955AE757C8B966C83248350331BD3A30F658CED11F387F8EBF05AB3368629
                                                                                                                                                                                                                                                                                    SHA-512:D5DA26B5D496EDB0221DF1A4057A8B0285D15592A8F8DC7016A294DF37ED335F3FDE6A2252962E0DF38B62847F8B771463A0124EF3F84299F262ED9D9D3CEE4C
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:GIF89a.............!.......,...........D.;
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):69120
                                                                                                                                                                                                                                                                                    Entropy (8bit):6.024967061017882
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:1536:GUZ9QC7V7IGMp2ZmtSX5p9IeJXlSM2tS:T97WSth5lwt
                                                                                                                                                                                                                                                                                    MD5:85428CF1F140E5023F4C9D179B704702
                                                                                                                                                                                                                                                                                    SHA1:1B51213DDBAEDFFFB7E7F098F172F1D4E5C9EFBA
                                                                                                                                                                                                                                                                                    SHA-256:8D9A23DD2004B68C0D2E64E6C6AD330D0C648BFFE2B9F619A1E9760EF978207A
                                                                                                                                                                                                                                                                                    SHA-512:DFE7F9F3030485CAF30EC631424120030C3985DF778993342A371BF1724FA84AA885B4E466C6F6B356D99CC24E564B9C702C7BCDD33052172E0794C2FDECCE59
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                    Joe Sandbox View:
                                                                                                                                                                                                                                                                                    • Filename: Setup.exe, Detection: malicious, Browse
                                                                                                                                                                                                                                                                                    • Filename: , Detection: malicious, Browse
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):140288
                                                                                                                                                                                                                                                                                    Entropy (8bit):6.334087823000165
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:3072:H5dnvmOEATceozVDkRasOCdUFZrR7beB2SK0XCC+W/ST+BeXZQUC5:ZdnvmsTceZUtCdUFZr9b4KznC5
                                                                                                                                                                                                                                                                                    MD5:9C7A4D75F08D40AD6F5250DF6739C1B8
                                                                                                                                                                                                                                                                                    SHA1:793749511C61B00A793D0AEA487E366256DD1B95
                                                                                                                                                                                                                                                                                    SHA-256:6EB17C527C9E7F7FEA1FDB2EA152E957B50A56796E53CE1E5946B165B82DEAEF
                                                                                                                                                                                                                                                                                    SHA-512:E85235307B85FFD3AAB76FF6290BEE0B3B9FD74C61A812B5355FE7B854D4C6B77BD521E52638D28E249A43D9EC7AA6F2670AF2B1C671091492C7FE19D6F9A4E6
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):12288
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.814115788739565
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr
                                                                                                                                                                                                                                                                                    MD5:CFF85C549D536F651D4FB8387F1976F2
                                                                                                                                                                                                                                                                                    SHA1:D41CE3A5FF609DF9CF5C7E207D3B59BF8A48530E
                                                                                                                                                                                                                                                                                    SHA-256:8DC562CDA7217A3A52DB898243DE3E2ED68B80E62DDCB8619545ED0B4E7F65A8
                                                                                                                                                                                                                                                                                    SHA-512:531D6328DAF3B86D85556016D299798FA06FEFC81604185108A342D000E203094C8C12226A12BD6E1F89B0DB501FB66F827B610D460B933BD4AB936AC2FD8A88
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:GIF image data, version 89a, 16 x 16
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):997
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.188896534234179
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12:2E5KZbHOjOruFw6MLxENScRVar7FC53tK1Oqd3Aa0n:tAlHOjOX60ENvRVZKbEn
                                                                                                                                                                                                                                                                                    MD5:1636218C14C357455B5C872982E2A047
                                                                                                                                                                                                                                                                                    SHA1:21FBD1308AF7AD25352667583A8DC340B0847DBC
                                                                                                                                                                                                                                                                                    SHA-256:9B8B6285BF65F086E08701EEE04E57F2586E973A49C5A38660C9C6502A807045
                                                                                                                                                                                                                                                                                    SHA-512:837FA6BCBE69A3728F5CB4C25C35C1D13E84B11232FC5279A91F21341892AD0E36003D86962C8AB1A056D3BEEB2652C754D51D6EC7EEE0E0EBFE19CD93FB5CB0
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):39424
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.684597989866362
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:384:njt65uI9oYzcCaHjl9Cb4I1f0AGhrHXoREnRxtIpH/u0abJ2v2DW9O9tk8ZwkpwD:noHtNQoRSIwTJB6Q/kPyBp6
                                                                                                                                                                                                                                                                                    MD5:A35CDC9CF1D17216C0AB8C5282488EAD
                                                                                                                                                                                                                                                                                    SHA1:ED8E8091A924343AD8791D85E2733C14839F0D36
                                                                                                                                                                                                                                                                                    SHA-256:A793929232AFB78B1C5B2F45D82094098BCF01523159FAD1032147D8D5F9C4DF
                                                                                                                                                                                                                                                                                    SHA-512:0F15B00D0BF2AABD194302E599D69962147B4B3EF99E5A5F8D5797A7A56FD75DD9DB0A667CFBA9C758E6F0DAB9CED126A9B43948935FE37FC31D96278A842BDF
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):24064
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.819708895488079
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:384:n7U5CiIZ1ZC2RvhrTfldNuwQ5pk+BISivMyyOgqCoRUj+OvHxOuofnykhVQJrTU:YoZ1ZnhrTfldqk7Yyy94RxOcVQJrT
                                                                                                                                                                                                                                                                                    MD5:F4D89D9A2A3E2F164AEA3E93864905C9
                                                                                                                                                                                                                                                                                    SHA1:4D4E05EE5E4E77A0631A3DD064C171BA2E227D4A
                                                                                                                                                                                                                                                                                    SHA-256:64B3EFDF3DE54E338D4DB96B549A7BDB7237BB88A82A0A63AEF570327A78A6FB
                                                                                                                                                                                                                                                                                    SHA-512:DBDA3FE7CA22C23D2D0F2A5D9D415A96112E2965081582C7A42C139A55C5D861A27F0BD919504DE4F82C59CF7D1B97F95ED5A55E87D574635AFDB7EB2D8CADF2
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\Desktop\Setup.exe
                                                                                                                                                                                                                                                                                    File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):140288
                                                                                                                                                                                                                                                                                    Entropy (8bit):6.334087823000165
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:3072:H5dnvmOEATceozVDkRasOCdUFZrR7beB2SK0XCC+W/ST+BeXZQUC5:ZdnvmsTceZUtCdUFZr9b4KznC5
                                                                                                                                                                                                                                                                                    MD5:9C7A4D75F08D40AD6F5250DF6739C1B8
                                                                                                                                                                                                                                                                                    SHA1:793749511C61B00A793D0AEA487E366256DD1B95
                                                                                                                                                                                                                                                                                    SHA-256:6EB17C527C9E7F7FEA1FDB2EA152E957B50A56796E53CE1E5946B165B82DEAEF
                                                                                                                                                                                                                                                                                    SHA-512:E85235307B85FFD3AAB76FF6290BEE0B3B9FD74C61A812B5355FE7B854D4C6B77BD521E52638D28E249A43D9EC7AA6F2670AF2B1C671091492C7FE19D6F9A4E6
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\Desktop\Setup.exe
                                                                                                                                                                                                                                                                                    File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):12288
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.814115788739565
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:192:Zjvco0qWTlt70m5Aj/lQ0sEWD/wtYbBHFNaDybC7y+XBz0QPi:FHQlt70mij/lQRv/9VMjzr
                                                                                                                                                                                                                                                                                    MD5:CFF85C549D536F651D4FB8387F1976F2
                                                                                                                                                                                                                                                                                    SHA1:D41CE3A5FF609DF9CF5C7E207D3B59BF8A48530E
                                                                                                                                                                                                                                                                                    SHA-256:8DC562CDA7217A3A52DB898243DE3E2ED68B80E62DDCB8619545ED0B4E7F65A8
                                                                                                                                                                                                                                                                                    SHA-512:531D6328DAF3B86D85556016D299798FA06FEFC81604185108A342D000E203094C8C12226A12BD6E1F89B0DB501FB66F827B610D460B933BD4AB936AC2FD8A88
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\Desktop\Setup.exe
                                                                                                                                                                                                                                                                                    File Type:GIF image data, version 89a, 16 x 16
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):997
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.188896534234179
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12:2E5KZbHOjOruFw6MLxENScRVar7FC53tK1Oqd3Aa0n:tAlHOjOX60ENvRVZKbEn
                                                                                                                                                                                                                                                                                    MD5:1636218C14C357455B5C872982E2A047
                                                                                                                                                                                                                                                                                    SHA1:21FBD1308AF7AD25352667583A8DC340B0847DBC
                                                                                                                                                                                                                                                                                    SHA-256:9B8B6285BF65F086E08701EEE04E57F2586E973A49C5A38660C9C6502A807045
                                                                                                                                                                                                                                                                                    SHA-512:837FA6BCBE69A3728F5CB4C25C35C1D13E84B11232FC5279A91F21341892AD0E36003D86962C8AB1A056D3BEEB2652C754D51D6EC7EEE0E0EBFE19CD93FB5CB0
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\Desktop\Setup.exe
                                                                                                                                                                                                                                                                                    File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):39424
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.684597989866362
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:384:njt65uI9oYzcCaHjl9Cb4I1f0AGhrHXoREnRxtIpH/u0abJ2v2DW9O9tk8ZwkpwD:noHtNQoRSIwTJB6Q/kPyBp6
                                                                                                                                                                                                                                                                                    MD5:A35CDC9CF1D17216C0AB8C5282488EAD
                                                                                                                                                                                                                                                                                    SHA1:ED8E8091A924343AD8791D85E2733C14839F0D36
                                                                                                                                                                                                                                                                                    SHA-256:A793929232AFB78B1C5B2F45D82094098BCF01523159FAD1032147D8D5F9C4DF
                                                                                                                                                                                                                                                                                    SHA-512:0F15B00D0BF2AABD194302E599D69962147B4B3EF99E5A5F8D5797A7A56FD75DD9DB0A667CFBA9C758E6F0DAB9CED126A9B43948935FE37FC31D96278A842BDF
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\Desktop\Setup.exe
                                                                                                                                                                                                                                                                                    File Type:PC bitmap, Windows 3.x format, 164 x 314 x 4, image size 26376, resolution 2834 x 2834 px/m, cbSize 26494, bits offset 118
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):26494
                                                                                                                                                                                                                                                                                    Entropy (8bit):1.9568109962493656
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:24:Qwika6aSaaDaVYoG6abuJsnZs5GhI11BayNXPcDrSsUWcSphsWwlEWqCl6aHAX2x:Qoi47a5G8SddzKFIcsOz3Xz
                                                                                                                                                                                                                                                                                    MD5:CBE40FD2B1EC96DAEDC65DA172D90022
                                                                                                                                                                                                                                                                                    SHA1:366C216220AA4329DFF6C485FD0E9B0F4F0A7944
                                                                                                                                                                                                                                                                                    SHA-256:3AD2DC318056D0A2024AF1804EA741146CFC18CC404649A44610CBF8B2056CF2
                                                                                                                                                                                                                                                                                    SHA-512:62990CB16E37B6B4EFF6AB03571C3A82DCAA21A1D393C3CB01D81F62287777FB0B4B27F8852B5FA71BC975FEAB5BAA486D33F2C58660210E115DE7E2BD34EA63
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\Desktop\Setup.exe
                                                                                                                                                                                                                                                                                    File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):9728
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.158136237602734
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:96:o0svUu3Uy+sytcS8176b+XR8pCHFcMcxSgB5PKtAtgt+Nt+rnt3DVEB3YcNqkzfS:o0svWyNO81b8pCHFcM0PuAgkOyuIFc
                                                                                                                                                                                                                                                                                    MD5:6C3F8C94D0727894D706940A8A980543
                                                                                                                                                                                                                                                                                    SHA1:0D1BCAD901BE377F38D579AAFC0C41C0EF8DCEFD
                                                                                                                                                                                                                                                                                    SHA-256:56B96ADD1978B1ABBA286F7F8982B0EFBE007D4A48B3DED6A4D408E01D753FE2
                                                                                                                                                                                                                                                                                    SHA-512:2094F0E4BB7C806A5FF27F83A1D572A5512D979EEFDA3345BAFF27D2C89E828F68466D08C3CA250DA11B01FC0407A21743037C25E94FBE688566DD7DEAEBD355
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\Desktop\Setup.exe
                                                                                                                                                                                                                                                                                    File Type:PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):24064
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.819708895488079
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:384:n7U5CiIZ1ZC2RvhrTfldNuwQ5pk+BISivMyyOgqCoRUj+OvHxOuofnykhVQJrTU:YoZ1ZnhrTfldqk7Yyy94RxOcVQJrT
                                                                                                                                                                                                                                                                                    MD5:F4D89D9A2A3E2F164AEA3E93864905C9
                                                                                                                                                                                                                                                                                    SHA1:4D4E05EE5E4E77A0631A3DD064C171BA2E227D4A
                                                                                                                                                                                                                                                                                    SHA-256:64B3EFDF3DE54E338D4DB96B549A7BDB7237BB88A82A0A63AEF570327A78A6FB
                                                                                                                                                                                                                                                                                    SHA-512:DBDA3FE7CA22C23D2D0F2A5D9D415A96112E2965081582C7A42C139A55C5D861A27F0BD919504DE4F82C59CF7D1B97F95ED5A55E87D574635AFDB7EB2D8CADF2
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):318525781
                                                                                                                                                                                                                                                                                    Entropy (8bit):6.931313706371873
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:3145728:EEnqgvUBRlhK9QJiDS610scieJq1SXCSnsmdAGonTn:EEIKe0Djq7hCSkH
                                                                                                                                                                                                                                                                                    MD5:1E82AC21A0AB4FB084013AC7F54B3647
                                                                                                                                                                                                                                                                                    SHA1:152308A3F71C6CB7EADC4A6ECE3991E679CFC92F
                                                                                                                                                                                                                                                                                    SHA-256:6A776340A1B9EC3E8094D3B46C247A3144F882D57AD976E6467407B8E09C3204
                                                                                                                                                                                                                                                                                    SHA-512:A2F2C3C83F2FA83EEDBC3D70BF60E7DD16794B7DACD41FF2DA225034349ED2FDA070BA12F4E5E880A5B5FD81FA58B9C115B9A5812728575750704647654FDE89
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\Desktop\Setup.exe
                                                                                                                                                                                                                                                                                    File Type:PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):93386616
                                                                                                                                                                                                                                                                                    Entropy (8bit):7.99999306217129
                                                                                                                                                                                                                                                                                    Encrypted:true
                                                                                                                                                                                                                                                                                    SSDEEP:1572864:52KX1mfH5AoIZnp9/pkhKzHjrSADzxet6X3mRsDqpszbyxjpB3ayh1sN1KGoMy1u:5jExAJh/pksTnFet6mu2G0jptggJ+flP
                                                                                                                                                                                                                                                                                    MD5:84EE733F8014D22DAD2DFEF725489980
                                                                                                                                                                                                                                                                                    SHA1:950A437488464103B9BF34610962C22192585BFC
                                                                                                                                                                                                                                                                                    SHA-256:F42D2BF4A50AB0CDB4A1C43964F0429C4663E27C76D8C61AFA174A531A7819A1
                                                                                                                                                                                                                                                                                    SHA-512:132C9BE1217804B73F8A99EA44D702E9DA0782CB6BBCC80DB2C2C72BDA1A93D06B2ADEF1B464F9163311F7482B2400553BA082C0F7F3CCF3B42C8C9B881306EB
                                                                                                                                                                                                                                                                                    Malicious:true
                                                                                                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 46%
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:GIF image data, version 89a, 1 x 1
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):42
                                                                                                                                                                                                                                                                                    Entropy (8bit):2.9881439641616536
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:3:CUXPQE/xlEy:1QEoy
                                                                                                                                                                                                                                                                                    MD5:D89746888DA2D9510B64A9F031EAECD5
                                                                                                                                                                                                                                                                                    SHA1:D5FCEB6532643D0D84FFE09C40C481ECDF59E15A
                                                                                                                                                                                                                                                                                    SHA-256:EF1955AE757C8B966C83248350331BD3A30F658CED11F387F8EBF05AB3368629
                                                                                                                                                                                                                                                                                    SHA-512:D5DA26B5D496EDB0221DF1A4057A8B0285D15592A8F8DC7016A294DF37ED335F3FDE6A2252962E0DF38B62847F8B771463A0124EF3F84299F262ED9D9D3CEE4C
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Nov 11 20:25:22 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):2677
                                                                                                                                                                                                                                                                                    Entropy (8bit):3.9782429039143414
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:48:8K2d6TG++HjidAKZdA19ehwiZUklqehDy+3:8KbDSMy
                                                                                                                                                                                                                                                                                    MD5:11B0183D856D97DC23C8FBEF5B9DDDC2
                                                                                                                                                                                                                                                                                    SHA1:95D97550386DC37823517FF5F557FECBEA5C28F9
                                                                                                                                                                                                                                                                                    SHA-256:EB4C2C83B348B0EF5135E79681434A6BD1B8E424150924CD57E5DA9C9741D623
                                                                                                                                                                                                                                                                                    SHA-512:F6E812745BDD155FC7FA8D22B78A325935708BF8F16D524C16D9286714330A3778E36F36820AF82580F7F90C7F080E1D6992C2FDAED2E4770E7C41E6689D5186
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Nov 11 20:25:22 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):2679
                                                                                                                                                                                                                                                                                    Entropy (8bit):3.9943802689306205
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:48:82N2d6TG++HjidAKZdA1weh/iZUkAQkqeh8y+2:8SbDI9QRy
                                                                                                                                                                                                                                                                                    MD5:DDA864680C12FBCAB6D4ADA5D8566CDC
                                                                                                                                                                                                                                                                                    SHA1:0DC5758C3B27CEBB12376F5171986F72233EA780
                                                                                                                                                                                                                                                                                    SHA-256:E4EE1E9331C292195DEFA9D32E532C94DBC01A54396B21522FCD2CA27469F3FE
                                                                                                                                                                                                                                                                                    SHA-512:FA0AACBE9AE3BEA923701EF09A07EE45B6ECCA48B3BF487456BFCE84D977AE71672BD1E44742970422393EE005084CC8E2DB289C891B9944BF73DFE625DD2402
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Wed Oct 4 12:54:07 2023, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):2693
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.0065269718428755
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:48:8xO2d6TG+sHjidAKZdA14tseh7sFiZUkmgqeh7sCy+BX:8xObDmn4y
                                                                                                                                                                                                                                                                                    MD5:0E3D9B3C4C170C30152D4EEDC4E53E84
                                                                                                                                                                                                                                                                                    SHA1:F984A3DA3E2CA38DE08E9FF42EB0C472500E48CC
                                                                                                                                                                                                                                                                                    SHA-256:E68752E309BE8EBC3D31E6431F94DA1E8832417F80DBE3A28CFA5802457ADEAC
                                                                                                                                                                                                                                                                                    SHA-512:281B273BE6CAA8813ED3044DDFF3EF5539488D582633B47FF4C35759CEDE12F4E99D5F147DD719B909EDB721BCE0C5CF3C5E15DF7DF8C32319C387B4B044D49B
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Nov 11 20:25:22 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):2681
                                                                                                                                                                                                                                                                                    Entropy (8bit):3.990982374744066
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:48:8J2d6TG++HjidAKZdA1vehDiZUkwqehAy+R:8JbDTKy
                                                                                                                                                                                                                                                                                    MD5:7C96CF9F969DE0A4F6EA1497C7F0BD59
                                                                                                                                                                                                                                                                                    SHA1:FB2EAEF48EF4D420DB88386003A7E059C61B017B
                                                                                                                                                                                                                                                                                    SHA-256:6266695A5CF2A63C407F5ED5231BA3B1D15A27183AD67FAC4F434CF5507DE9D7
                                                                                                                                                                                                                                                                                    SHA-512:E347E8EDA76ACD937FE5D2DF2954977FED5355163C5F246E263DCCB18A9EB8D18B76EE23F1CEFC47DFA9E31DD9A30485205FCBC136F0BDE3E6408F233FC67B82
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Nov 11 20:25:22 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):2681
                                                                                                                                                                                                                                                                                    Entropy (8bit):3.9796728296997643
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:48:8n2d6TG++HjidAKZdA1hehBiZUk1W1qeh+y+C:8nbDD9ey
                                                                                                                                                                                                                                                                                    MD5:62A91B0322C37F4AC8A0AE3F10DE924A
                                                                                                                                                                                                                                                                                    SHA1:BAD532400067A5F012C720665554C6F5679879D5
                                                                                                                                                                                                                                                                                    SHA-256:4B3D23D5A9D4D6E85BC28C315D4FBF3F1F9C2671DF55DCC00D8C79003645D674
                                                                                                                                                                                                                                                                                    SHA-512:07F23BA933140D82B86D91304951C0A41E9D8FD3BAE7DB5F5DD21437BA9E08743BEDD520087268810B719290E3FB183689D7E49EC64652FD8F8B39892D3C1169
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Tue Oct 3 09:48:42 2023, mtime=Mon Nov 11 20:25:22 2024, atime=Wed Sep 27 04:28:28 2023, length=1210144, window=hide
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):2683
                                                                                                                                                                                                                                                                                    Entropy (8bit):3.99028184037426
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:48:8Hk2d6TG++HjidAKZdA1duT+ehOuTbbiZUk5OjqehOuTb4y+yT+:8HkbDzT/TbxWOvTb4y7T
                                                                                                                                                                                                                                                                                    MD5:4EDA87AB859BE0D90AE838CB7272CB7C
                                                                                                                                                                                                                                                                                    SHA1:16E6E71339FC184EE0430877154157B6BFE10B7A
                                                                                                                                                                                                                                                                                    SHA-256:8AE63AEB8CD1CB730B4DCDF8F31725837315D1556DC6A2E583C9423488C22370
                                                                                                                                                                                                                                                                                    SHA-512:EEC7CABBACA50ED4641C2B29915E8DCA497D018882240BD30A0C2964A6873595AF8697160F3E5E10F8BC8E1B4A25142D5798368FD2EB7812671981AF18F117C6
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=0, Archive, ctime=Fri Oct 25 14:14:38 2024, mtime=Mon Nov 11 20:26:07 2024, atime=Fri Oct 25 14:14:38 2024, length=3116888, window=hide
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1862
                                                                                                                                                                                                                                                                                    Entropy (8bit):3.487576085002296
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:24:8gfbllt2P+Yk0Ae6R7FwtkkdiO/7MLUEfqygm:8gTwP+YkDekBOdiYECyg
                                                                                                                                                                                                                                                                                    MD5:9B4520728FA9AE198F0863057911A2FF
                                                                                                                                                                                                                                                                                    SHA1:B7C814795ED2AC01C5E9A24D081AE9B4C6F526BA
                                                                                                                                                                                                                                                                                    SHA-256:0C94715C29094EBF9B860E9CC382BACD1F6084C43498C7233F8B26572595AA5B
                                                                                                                                                                                                                                                                                    SHA-512:80D13EC6CBCA4A169F4DA62543A707D6FECE2F6418889440760E9591DC7337D63669973BAD83764506A89D6AB5A57E9C61DCC0736C959390E225DAF1D509FE24
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):586584
                                                                                                                                                                                                                                                                                    Entropy (8bit):6.337989770444409
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:6144:BYnWgtbxN7L7kYcMB/cA4hxWbZKcXErHNkQLtZ9wNmCc0r93SFzd7FSAaxXDj5w:BYnWC7sQB/cA4nLrtkWemCn9YBUxXXy
                                                                                                                                                                                                                                                                                    MD5:693221C78FDC00A0F87FB3D1381308D4
                                                                                                                                                                                                                                                                                    SHA1:5ABD1481B0918A1815B542BFCB2EAD542C233DB8
                                                                                                                                                                                                                                                                                    SHA-256:6BB4786AB76767D1F9B2E19FD1A20F2F76CF1BB96127FC26741F2BE609E7680D
                                                                                                                                                                                                                                                                                    SHA-512:A58F0A1EA54ED94EDF3129088D89F2064F7D93ECD30F9590307963B287C8FF45580DC4D9A48F6D6C4AF72DB6E1E82EEF0EA3E4BF756B93B159C3CDE808041CFD
                                                                                                                                                                                                                                                                                    Malicious:true
                                                                                                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 5%
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):3116888
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.959240683924359
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:24576:V9kabuTUmENsEyg1IgoPYbvE8C9BHv3QJTbiNG8g9MEiYQgsSryyH2mtJXKMCSd+:V5bGEXi8mPY9pMFxu7cnZN3
                                                                                                                                                                                                                                                                                    MD5:4B88D8ADA8D22622C30D581FC38EAA52
                                                                                                                                                                                                                                                                                    SHA1:0980A7B75DB94035A5DE1696210648ACB95ACEDE
                                                                                                                                                                                                                                                                                    SHA-256:D4DE255AE1109391E4A4A967A8AD66DFB70FCCA7DB47777E40815F4E7B19F2A2
                                                                                                                                                                                                                                                                                    SHA-512:0F87422498ED3C60ED21CDA492D038D10509E3B40E5E9D7614B6CB0EF903E241AD1BA9C2F67B43D9DA3980990735A5E0C325002E43E0A41CB12947E2DBECF19F
                                                                                                                                                                                                                                                                                    Malicious:true
                                                                                                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 8%
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):146
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.577360416859904
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:3:TKPyFfliFRNAl2sIaRjyM1KOTxLELMZ4MKLJF8EelYq8AsXJVVWM4v:TyyFflmSssI+j1NLELM6MKn8EquZVVCv
                                                                                                                                                                                                                                                                                    MD5:2845450EA9D938CFEA9809CA0C827F12
                                                                                                                                                                                                                                                                                    SHA1:8DE2189530DA5923365436C37E4C55C500AC3FBF
                                                                                                                                                                                                                                                                                    SHA-256:7FDADB3CA5B81C6D1C58A20610921BF89D63DC65B77BE982F422C6FD2A13F166
                                                                                                                                                                                                                                                                                    SHA-512:7D19FE6E9DD51BB880FD6FBB7EE126C8078771EE5166D53F312B04D117CE2897CBB6DFB5E5627314C3CF8B56F7A2BBF5B9D38258E7912B0AC5D420B611B7C363
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:Fhis folder contains the PC App Store for Microsoft Windows.....For additional information, please visit https://pcapp.store/?p=lpd_appstore-faq..
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):2455
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.147649209570492
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:48:YZ1HdLyDF9h4/3ZMqr8ZPfOqfpbc5AvzlcYeqAf9rREty6WH1AhNf6vXFmSDBkMK:oNd+upMtZPP25AblcMAxRqy6WH1AhNfh
                                                                                                                                                                                                                                                                                    MD5:50197F9700BB9567C84A223CD33D5FA4
                                                                                                                                                                                                                                                                                    SHA1:EE6FFBF679A49F611AD633BA1F010C41E1D4FA44
                                                                                                                                                                                                                                                                                    SHA-256:CC1425E5ED8390E840CC0CB7809BE6238CA4C7A9B64A584E9732FD2EB45F52A5
                                                                                                                                                                                                                                                                                    SHA-512:3CDFA1B21D8FC9B1A955C0775DB2D680A68CC09CD54E48662C4E8EE674952097A465EFEB07334F87BCC997C303F68F02C95A357151D06FF9FB252CD4E8B094C2
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:{"system_stats":{"os_name":"Microsoft+Windows+10+Pro","os_installdate":"20231003105718%2E000000%2B120","os_processes":"110","os_architecture":"64-bit","os_virtmem":"8387636","os_mem":"4193332","cpu_name":"Intel%28R%29+Core%28TM%292+CPU+6600+%40+2%2E40+GHz","cpu_maxclock":"2000","cpu_cores":"4","cpu_logicalproc":"1","pc_vendor":"VMware%2C+Inc%2E","pc_version":"None","gpu_name":"26ZMCXA","gpu_ram":"0","gpu_bitsperpixel":"32","gpu_x":"1280","gpu_y":"1024","disk_name":"3K6V_LVU+SCSI+Disk+Device","disk_size":"412300001200","sec_as":"","sec_av":"Windows+Defender","sec_fw":"","bios_releasedate":"20221121000000%2E000000%2B000"},"pcapps":{"0":"7-Zip+23%2E01+%28x64%29","1":"Mozilla+Firefox+%28x64+en-US%29","2":"Mozilla+Maintenance+Service","3":"Microsoft+Office+Professional+Plus+2019+-+en-us","4":"Microsoft+Visual+C%2B%2B+2022+X64+Additional+Runtime+-+14%2E36%2E32532","5":"Office+16+Click-to-Run+Licensing+Component","6":"Office+16+Click-to-Run+Extensibility+Component+64-bit+Registration","7":"Ad
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):73
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.089026662492467
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:3:YGVE8fptxgDQLRv6zjQJNRvUXZ5:YGFRt9IoNaZ5
                                                                                                                                                                                                                                                                                    MD5:3024A54E0C352ABE5EB5F753CA4828DA
                                                                                                                                                                                                                                                                                    SHA1:DF0206851654405C8E5C2D3BC96FB536B8C2DCBF
                                                                                                                                                                                                                                                                                    SHA-256:3CD0A703506C7394D6115D9FF721516560894358AEF07459F30D8930DF6C3B61
                                                                                                                                                                                                                                                                                    SHA-512:D9D44051DF56B29AA596EE38463B781DBE27F917F7DAE1B2420122616DA108520429DDA58C75C7E6B2D41093F83C5A4BAE96024885AF3956F23A3CE5BD3F9358
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:{"cpg":"default","inst_excl":null,"inst_addon":null,"inst_advanced":null}
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):93880
                                                                                                                                                                                                                                                                                    Entropy (8bit):6.891280387415397
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:1536:2msAYBdTU9fEAIS2PEtu3rLFn22G9RowU49TV1Z43kUFInU73ALu:FfY/TU9fE9PEtubZrMtkkxUUi
                                                                                                                                                                                                                                                                                    MD5:CD8B6F1BD281C288FB3F68925639B424
                                                                                                                                                                                                                                                                                    SHA1:25EA108C45905418B8FDA2FCCF5ADA0EDE2710E5
                                                                                                                                                                                                                                                                                    SHA-256:808FE10CBF09F21359E1D61860BFCDDE553F5CDA38723ECD0636FA25F652121D
                                                                                                                                                                                                                                                                                    SHA-512:A05C60EA499BEA246FF0CB3308108862CDC56BC44A4E14F546FE8AF4C52172F73F5973EBA03FF1F2BB1C575C15BF62421034C02AFA703D093B986F95A999E1B6
                                                                                                                                                                                                                                                                                    Malicious:true
                                                                                                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 29%
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):276312
                                                                                                                                                                                                                                                                                    Entropy (8bit):6.155274238783893
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:3072:JNh5y0IKTcOq1wpRsrIA/uuNT4KddgLA/exq10mMfnW9L/or6RMr4T+cnOMX4Hen:jyJKA5KKdWLA/GZhnWlV94+3H3
                                                                                                                                                                                                                                                                                    MD5:11F3801CB9FF046D6075F681971C4EB8
                                                                                                                                                                                                                                                                                    SHA1:91572872A265185E7F9793B50C5257B511707B36
                                                                                                                                                                                                                                                                                    SHA-256:5BD22345C42FC1B7C89C281C9247BC81DBBDB4C8EF4DA76E2A9D86589D8CC118
                                                                                                                                                                                                                                                                                    SHA-512:B7E1A5F391E112AAC0CFA8239AD5AE784161C8734C9A4F3EF386FF617915F7AC769A5DB790B66BD95E6DAB8BAABCC4E51DE31D614193CB69909DF393DC77A021
                                                                                                                                                                                                                                                                                    Malicious:true
                                                                                                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 5%
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):2312704
                                                                                                                                                                                                                                                                                    Entropy (8bit):6.449649685576397
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:49152:gg6wrmvfu6ZPfRFq8BcvDEzT3CuaMUgKS:H8Zn3Ci
                                                                                                                                                                                                                                                                                    MD5:E472E46BDFD736351D4B086B4C4CA134
                                                                                                                                                                                                                                                                                    SHA1:1AA886F0CB23B3D322A43BE797D411FCA84D82A7
                                                                                                                                                                                                                                                                                    SHA-256:E825A252B5C5C9C2DE8A6A6ADE12A7F9CD0040F6A20E6EE44BA659034E6D5223
                                                                                                                                                                                                                                                                                    SHA-512:173F5A7ABDFEA01C9C21EC716CBA14EEC4539DA45E5734B3FD1E0688E1C22E4718BD701C25C8040D20CF48867E2A67EF2ABA46380BAB9AB1F7A42BD66FD33AFB
                                                                                                                                                                                                                                                                                    Malicious:true
                                                                                                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:HTML document, ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):9560433
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.8475056659478915
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:24576:/28lTEaiPJK0PJgVEv+F26vbV2f2EvYvAKMc/+uBPJ1PJLPJ1PJOPJDKspVosXxY:/2ETWgqSq+sIp2+qO1McdLRPiY2zXO
                                                                                                                                                                                                                                                                                    MD5:7A32B7C762C76BD3EE38E3E998705899
                                                                                                                                                                                                                                                                                    SHA1:E1C611A57115374A48CD84619BD06E43021B7352
                                                                                                                                                                                                                                                                                    SHA-256:726276A62DB14DD751F32B77200E90A8000712BD256ED038BEA928C6AEF0C892
                                                                                                                                                                                                                                                                                    SHA-512:9FE66FE4479915B0EFE12ADFB386BA251B2C2AF8CCD92B4D67F61C9D2AE537C6D3512E4379AFF10EAB3CD433FC1EDEC702E63DDFE4F83769A746FF249288D4DA
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview: Generated by licenses.py; do not edit. --><!doctype html>..<html>..<head>..<meta charset="utf-8">..<meta name="viewport" content="width=device-width">..<meta name="color-scheme" content="light dark">..<title>Credits</title>..<link rel="stylesheet" href="chrome://resources/css/text_defaults.css">..<link rel="stylesheet" href="chrome://credits/credits.css">..</head>..<body>..<span class="page-title">Credits</span>..<a id="print-link" href="#" hidden>Print</a>..<label class="show show-all" tabindex="0">..<input type="checkbox" hidden>..</label>..<div class="open-sourced">.. Chromium software is made available as source code.. <a href="https://source.chromium.org/chromium">here</a>...</div>....<div style="clear:both; overflow:auto;"> Chromium <3s the following projects -->..<div class="product">..<span class="title">2-dim General Purpose FFT (Fast Fourier/Cosine/Sine Transform) Package</span>..<span class="homepage"><a href="http://www.kurims.kyoto-u.ac.jp/~ooura/fft.html">h
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):4916712
                                                                                                                                                                                                                                                                                    Entropy (8bit):6.398049523846958
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:49152:KCZnRO4XyM53Rkq4ypQqdoRpmruVNYvkaRwvhiD0N+YEzI4og/RfzHLeHTRhFRNc:xG2QCwmHPnog/pzHAo/A6l
                                                                                                                                                                                                                                                                                    MD5:2191E768CC2E19009DAD20DC999135A3
                                                                                                                                                                                                                                                                                    SHA1:F49A46BA0E954E657AAED1C9019A53D194272B6A
                                                                                                                                                                                                                                                                                    SHA-256:7353F25DC5CF84D09894E3E0461CEF0E56799ADBC617FCE37620CA67240B547D
                                                                                                                                                                                                                                                                                    SHA-512:5ADCB00162F284C16EC78016D301FC11559DD0A781FFBEFF822DB22EFBED168B11D7E5586EA82388E9503B0C7D3740CF2A08E243877F5319202491C8A641C970
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):2028032
                                                                                                                                                                                                                                                                                    Entropy (8bit):6.64708834859118
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:24576:x+QrVq8lxXjKAri3/8XLpvdZ4RAfdDY0K1w/cjWsdSJNTtMfxTCC:pdlNBfXt16RsFY0K3jWsdQVtM0C
                                                                                                                                                                                                                                                                                    MD5:5FFF6F0423A38BFAF174CB670650F4F9
                                                                                                                                                                                                                                                                                    SHA1:13ECD1C4784A5A178A998E9FC0DC08F556121712
                                                                                                                                                                                                                                                                                    SHA-256:D4E6FC4E1BC6CB5B3EF7010E61D3A65E97804FB20346CEE657688339075B2727
                                                                                                                                                                                                                                                                                    SHA-512:E6FF0EA9F6196470F6E094D0AB655FB527C28FC2B2A5D126A10C1F4185C0DFF5ED4F19E7ED717D67DF324562B7AA56ED87AA0BD396A6BA722D3141B9F30FC41B
                                                                                                                                                                                                                                                                                    Malicious:true
                                                                                                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):10717392
                                                                                                                                                                                                                                                                                    Entropy (8bit):6.282534560973548
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:196608:hpgPBhORiuQwCliXUxbblHa93Whli6Z86WOH:n8wkDliXUxbblHa93Whli6Z8I
                                                                                                                                                                                                                                                                                    MD5:E0F1AD85C0933ECCE2E003A2C59AE726
                                                                                                                                                                                                                                                                                    SHA1:A8539FC5A233558EDFA264A34F7AF6187C3F0D4F
                                                                                                                                                                                                                                                                                    SHA-256:F5170AA2B388D23BEBF98784DD488A9BCB741470384A6A9A8D7A2638D768DEFB
                                                                                                                                                                                                                                                                                    SHA-512:714ED5AE44DFA4812081B8DE42401197C235A4FA05206597F4C7B4170DD37E8360CC75D176399B735C9AEC200F5B7D5C81C07B9AB58CBCA8DC08861C6814FB28
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):454144
                                                                                                                                                                                                                                                                                    Entropy (8bit):6.3485070297294985
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:6144:yLSe7mxAked1dLX9ValhL1IA9SbD/9PAE:yExAkedHLX9VC9OKE
                                                                                                                                                                                                                                                                                    MD5:7255FCCD39F330CA2123F380B4967E0A
                                                                                                                                                                                                                                                                                    SHA1:C8E0E1A3E129DF7AB8922F039FFDBBA20DFBA8E2
                                                                                                                                                                                                                                                                                    SHA-256:22C2E5452FB01513C331B9E88313830C96EB3E554FAB942AFCBD6FB8702DF730
                                                                                                                                                                                                                                                                                    SHA-512:ECD66B0A43AEFD2C4721CD574D2394A2A9069B5258E310A0FC16C3919FD2505BFE91DB2FF8E4B5C7EF0187C86B167004659D15943F5BE6DF42BBFC297FB42119
                                                                                                                                                                                                                                                                                    Malicious:true
                                                                                                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):8058880
                                                                                                                                                                                                                                                                                    Entropy (8bit):6.448026576223661
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:98304:XUoMnbHa6h5CmPt75W2+G15kI6a7Xm3rC:gDTCe4rt/aTCr
                                                                                                                                                                                                                                                                                    MD5:6CD8726BEEFCFA69B48EAB1362A5CAD5
                                                                                                                                                                                                                                                                                    SHA1:F4249179B86C0A870C55E6C5A263180C77017E81
                                                                                                                                                                                                                                                                                    SHA-256:2636DA528EDCAEC9834255A92411BD5DA921D793825D74CEB997E336A0DBD393
                                                                                                                                                                                                                                                                                    SHA-512:0F6600315B0E1B5371BB39290E5417EBAA0F3C7FB47EEF32D73AFCE299722A426DD244FD3775D88FCEB6F170F16B23B099244EE825F7F8185D58F1BF28583515
                                                                                                                                                                                                                                                                                    Malicious:true
                                                                                                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):502905
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.409605383978337
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:Mqyim2uho5EnirXKhaG1B2+H2JynyaH4IFzZo0vgElgA2W0PSq+2ss30fzO75g6p:U2uhounkXyd1B2+H2JynyaH4IFzZo0ve
                                                                                                                                                                                                                                                                                    MD5:8032CB8A1B40AC85ACBEAFD6514BE668
                                                                                                                                                                                                                                                                                    SHA1:EE15C360BD913FFEC94E9E36224548CA83B2564C
                                                                                                                                                                                                                                                                                    SHA-256:1762EB36E254C02A50ED089ED737235FD7A64C0D234581612ACA56F6398CAC97
                                                                                                                                                                                                                                                                                    SHA-512:956241DA1EE60C648417C6BF3921554F1F19AB17163DBDA764AE0DC21E1729C9357BFB900B1F948D2C649F9D53DA7CEFF3128B8CFAB34FD03053A8C37C663F5D
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:CSV text
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1051021
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.4211132061857965
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:SDb4GbP8IrxcFMOCGHo2QZIZ40P7usnnR6yTgkXb2X:dTgkXO
                                                                                                                                                                                                                                                                                    MD5:82D7AB0FF6C34DB264FD6778818F42B1
                                                                                                                                                                                                                                                                                    SHA1:EB508BD01721BA67F7DAAD55BA8E7ACDB0A096EB
                                                                                                                                                                                                                                                                                    SHA-256:E84331E84CD61D8BDACC574D5186FB259C00467513AA3F2090406330F68A45DB
                                                                                                                                                                                                                                                                                    SHA-512:176458B03CC2B2D3711965CD277531E002AE55D284B6C9178D2353E268F882430235468E5A1E9E45C8427864D109CF30A024A993B4763A75FA2744F6E0A6AE2A
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:IDS_ACCESS_CODE_CAST_ACCESS_CODE_MESSAGE,1400,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_BACK,1401,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CAST,1402,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CONNECT,1403,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_DIALOG_TITLE,1404,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ENTER_CHARACTER,1405,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_ACCESS_CODE,1406,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_DIFFERENT_NETWORK,1407,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_NETWORK,1408,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_PERMISSION,1409,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_TOO_MANY_REQUESTS,1410,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_E
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):813426
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.915984741122479
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:dTZog2ule8/xHT9KG3Sj+KRRz0l85X9icV03OzP+Xx30jH8+j:/ogg8/xpKGCj+KRRz085X9icV03OzP+W
                                                                                                                                                                                                                                                                                    MD5:7B88BD642C86EC4D4FB9A5614D1DA63F
                                                                                                                                                                                                                                                                                    SHA1:92CF23267B78039E2413F7F7F90E6636614A0C5C
                                                                                                                                                                                                                                                                                    SHA-256:0C1DE970426BA291B10CD08FF0E6B078ADF4C1D07B24E0D89D9322FD2EC2E296
                                                                                                                                                                                                                                                                                    SHA-512:17E2381491A8844D1AD6910C3876C817ADE5CF2DAD8461771BAE9E967F7F64954917E20F8258CE6548AF1C21F8CF7E9477C7BCDCE6DD216140BF4D32410A31D9
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:CSV text
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1051021
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.4211132061857965
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:SDb4GbP8IrxcFMOCGHo2QZIZ40P7usnnR6yTgkXb2X:dTgkXO
                                                                                                                                                                                                                                                                                    MD5:82D7AB0FF6C34DB264FD6778818F42B1
                                                                                                                                                                                                                                                                                    SHA1:EB508BD01721BA67F7DAAD55BA8E7ACDB0A096EB
                                                                                                                                                                                                                                                                                    SHA-256:E84331E84CD61D8BDACC574D5186FB259C00467513AA3F2090406330F68A45DB
                                                                                                                                                                                                                                                                                    SHA-512:176458B03CC2B2D3711965CD277531E002AE55D284B6C9178D2353E268F882430235468E5A1E9E45C8427864D109CF30A024A993B4763A75FA2744F6E0A6AE2A
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:IDS_ACCESS_CODE_CAST_ACCESS_CODE_MESSAGE,1400,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_BACK,1401,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CAST,1402,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CONNECT,1403,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_DIALOG_TITLE,1404,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ENTER_CHARACTER,1405,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_ACCESS_CODE,1406,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_DIFFERENT_NETWORK,1407,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_NETWORK,1408,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_PERMISSION,1409,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_TOO_MANY_REQUESTS,1410,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_E
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):822020
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.925237393732045
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:6144:vFB3t9DiYK8a4HHFLrgOIPcd1CyWpQ5fuiDbmpQ:vn3t5SzU5fu+
                                                                                                                                                                                                                                                                                    MD5:621B390B8AF0C70D682715323A92B61F
                                                                                                                                                                                                                                                                                    SHA1:C34B2F2C91CD0786FEBBD26223D1CB096A87C1F4
                                                                                                                                                                                                                                                                                    SHA-256:729B677BE93020DDEF1297869CA7378D3A102927294C634A1087D63F48FB8A79
                                                                                                                                                                                                                                                                                    SHA-512:E55691ED5FBCEF7AA8330CABDA72E9D803E12784B661A42FFE3FF725FE663AEF62EED407FDC2269135437AB7AE047A6F0CCEAA90F2349073E554DD45C5F9D0BC
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:CSV text
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1051021
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.4211132061857965
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:SDb4GbP8IrxcFMOCGHo2QZIZ40P7usnnR6yTgkXb2X:dTgkXO
                                                                                                                                                                                                                                                                                    MD5:82D7AB0FF6C34DB264FD6778818F42B1
                                                                                                                                                                                                                                                                                    SHA1:EB508BD01721BA67F7DAAD55BA8E7ACDB0A096EB
                                                                                                                                                                                                                                                                                    SHA-256:E84331E84CD61D8BDACC574D5186FB259C00467513AA3F2090406330F68A45DB
                                                                                                                                                                                                                                                                                    SHA-512:176458B03CC2B2D3711965CD277531E002AE55D284B6C9178D2353E268F882430235468E5A1E9E45C8427864D109CF30A024A993B4763A75FA2744F6E0A6AE2A
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:IDS_ACCESS_CODE_CAST_ACCESS_CODE_MESSAGE,1400,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_BACK,1401,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CAST,1402,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CONNECT,1403,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_DIALOG_TITLE,1404,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ENTER_CHARACTER,1405,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_ACCESS_CODE,1406,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_DIFFERENT_NETWORK,1407,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_NETWORK,1408,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_PERMISSION,1409,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_TOO_MANY_REQUESTS,1410,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_E
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):897122
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.928723053414015
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:CIPFaBsPG/d/RXZwRq4fvPU7XUUk/K58N0j+JzIQ4pF:CIvAAC5h+c
                                                                                                                                                                                                                                                                                    MD5:3C8E3C5B1D029E9A01943DDBA053C37F
                                                                                                                                                                                                                                                                                    SHA1:785EE0C46B11A19C80770F2B310057E59D90C2E1
                                                                                                                                                                                                                                                                                    SHA-256:98CD654847FF28C0EE580A7374276EE5BD2A38DDE8F45ADFBACBD7917E4C026D
                                                                                                                                                                                                                                                                                    SHA-512:DCA2FC0BE678BEBF047DBAA5A71C01AD57F9B463E3F80DBFABC0937BCFDCEEFC8AE84FD415C40D0B6B713FFF24CEBFB84373ECDDE3741F78265E082C5B9951D0
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:CSV text
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1051021
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.4211132061857965
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:SDb4GbP8IrxcFMOCGHo2QZIZ40P7usnnR6yTgkXb2X:dTgkXO
                                                                                                                                                                                                                                                                                    MD5:82D7AB0FF6C34DB264FD6778818F42B1
                                                                                                                                                                                                                                                                                    SHA1:EB508BD01721BA67F7DAAD55BA8E7ACDB0A096EB
                                                                                                                                                                                                                                                                                    SHA-256:E84331E84CD61D8BDACC574D5186FB259C00467513AA3F2090406330F68A45DB
                                                                                                                                                                                                                                                                                    SHA-512:176458B03CC2B2D3711965CD277531E002AE55D284B6C9178D2353E268F882430235468E5A1E9E45C8427864D109CF30A024A993B4763A75FA2744F6E0A6AE2A
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:IDS_ACCESS_CODE_CAST_ACCESS_CODE_MESSAGE,1400,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_BACK,1401,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CAST,1402,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CONNECT,1403,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_DIALOG_TITLE,1404,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ENTER_CHARACTER,1405,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_ACCESS_CODE,1406,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_DIFFERENT_NETWORK,1407,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_NETWORK,1408,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_PERMISSION,1409,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_TOO_MANY_REQUESTS,1410,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_E
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):927865
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.686646990438899
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:24576:4Tax7YKC3cquMMLYzzQkECPUwVbtbHp373ZL+3aAKHkVDYyKzumpod2nm5g0XuGq:W8C3cquMMLYUKUwVbtbHp373Zq3arkV8
                                                                                                                                                                                                                                                                                    MD5:27C55B97D549BCF13145EC75F0A503CA
                                                                                                                                                                                                                                                                                    SHA1:4D7BEC85366FBB602EB6FC02297FB402BD40B6BF
                                                                                                                                                                                                                                                                                    SHA-256:F2EB47878B5D34589A2AFC2E74AB346003BF4D2C450230B9CFD084935BB54A4D
                                                                                                                                                                                                                                                                                    SHA-512:CA3ABB2403B8A67A53F2156E11C361B137F45378737E39D45D5F77148FF3CD031E37DB9EA144B76749667CBA20698C2049E86CA5927475B1E22112751B9BDF3F
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:CSV text
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1051021
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.4211132061857965
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:SDb4GbP8IrxcFMOCGHo2QZIZ40P7usnnR6yTgkXb2X:dTgkXO
                                                                                                                                                                                                                                                                                    MD5:82D7AB0FF6C34DB264FD6778818F42B1
                                                                                                                                                                                                                                                                                    SHA1:EB508BD01721BA67F7DAAD55BA8E7ACDB0A096EB
                                                                                                                                                                                                                                                                                    SHA-256:E84331E84CD61D8BDACC574D5186FB259C00467513AA3F2090406330F68A45DB
                                                                                                                                                                                                                                                                                    SHA-512:176458B03CC2B2D3711965CD277531E002AE55D284B6C9178D2353E268F882430235468E5A1E9E45C8427864D109CF30A024A993B4763A75FA2744F6E0A6AE2A
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:IDS_ACCESS_CODE_CAST_ACCESS_CODE_MESSAGE,1400,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_BACK,1401,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CAST,1402,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CONNECT,1403,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_DIALOG_TITLE,1404,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ENTER_CHARACTER,1405,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_ACCESS_CODE,1406,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_DIFFERENT_NETWORK,1407,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_NETWORK,1408,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_PERMISSION,1409,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_TOO_MANY_REQUESTS,1410,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_E
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1193463
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.299730648702171
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:3072:o3d2APzZl1uPXdf826YBWviytaGHFGuzhr0Ylf14/QISydDbrK8VBbFKQg51lNDS:o3d3Fl18fPAtt1MFSydHrK8VBbG5llA
                                                                                                                                                                                                                                                                                    MD5:7351AE61AE5884088AE68CE5BE0043D8
                                                                                                                                                                                                                                                                                    SHA1:DBEEA5DA228F63A405548F0E6F82FBBB3D624058
                                                                                                                                                                                                                                                                                    SHA-256:D367339A1AC5CE27E58AA03D33E567C06C02F4AC87DB26ACA5D8A3D915AAA01A
                                                                                                                                                                                                                                                                                    SHA-512:85D5D0372C162DE8660B4A8A4EC493585C6C3D29F999F1734C319532DB572A13C91C87320BE139F9FFA957ADD52CDC36584226FAF5AFC39F8A82A2E9C146156B
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):573774
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.391859865204477
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:gQQL7QREpAp973K5PqF4N3Mw2juwHzejm0t3lvqbETX9/RSHhIsjcmlLEYuCJkdz:hb9zaBRnvWDMN8UpOO5k/mVb
                                                                                                                                                                                                                                                                                    MD5:F6E50323E0C5A657EBDC2FE7285C15F6
                                                                                                                                                                                                                                                                                    SHA1:944356D207A7962A81801BB76B0E2C5226FF7F1E
                                                                                                                                                                                                                                                                                    SHA-256:DE474CF24B68B6D862C96B8057EDE3F53C6F63C46532E4988E9D1979B1CF59DA
                                                                                                                                                                                                                                                                                    SHA-512:8BC4EA1E2EB03E0423A7C3008BF6001B904928B5B7D7E84D61469C8D8CDBD34E9A4FFFA900B7CBF4216FBA3A469D7A26AF9C22E618902C28044F426693B09EC7
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):583431
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.838398613999325
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:eV2UufpvPlAhTbe65aU8rwsiNOA3SzmPN:eV2UufpvNAhHh5aU8rvYOrzmPN
                                                                                                                                                                                                                                                                                    MD5:7F1AD2897B210C4C25CFBDF0736F6809
                                                                                                                                                                                                                                                                                    SHA1:62E0335A63BC9E2AE8A9826E08256B00E433D9F5
                                                                                                                                                                                                                                                                                    SHA-256:E0826C8E2FE737307D09D808BC693A397E0F1E093AC249B24CEB48327685A4A4
                                                                                                                                                                                                                                                                                    SHA-512:C656B1FF7FCD93B3AEF5FC9E91373D0588520546EAF6CB5E2F965FD66ED0D60E2C04FB22155723D6EFDFDB377EF98CD6420F9944C5B0FC4AE8DE14C830A05B15
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:CSV text
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1051021
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.4211132061857965
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:SDb4GbP8IrxcFMOCGHo2QZIZ40P7usnnR6yTgkXb2X:dTgkXO
                                                                                                                                                                                                                                                                                    MD5:82D7AB0FF6C34DB264FD6778818F42B1
                                                                                                                                                                                                                                                                                    SHA1:EB508BD01721BA67F7DAAD55BA8E7ACDB0A096EB
                                                                                                                                                                                                                                                                                    SHA-256:E84331E84CD61D8BDACC574D5186FB259C00467513AA3F2090406330F68A45DB
                                                                                                                                                                                                                                                                                    SHA-512:176458B03CC2B2D3711965CD277531E002AE55D284B6C9178D2353E268F882430235468E5A1E9E45C8427864D109CF30A024A993B4763A75FA2744F6E0A6AE2A
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:IDS_ACCESS_CODE_CAST_ACCESS_CODE_MESSAGE,1400,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_BACK,1401,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CAST,1402,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CONNECT,1403,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_DIALOG_TITLE,1404,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ENTER_CHARACTER,1405,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_ACCESS_CODE,1406,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_DIFFERENT_NETWORK,1407,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_NETWORK,1408,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_PERMISSION,1409,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_TOO_MANY_REQUESTS,1410,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_E
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):530651
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.44607278354406
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:6144:QnPhyMLsqSAzVWgss5sbse814eBjtwlRDdJwL2obEXZaFRQ5gk2rp/b3d4nTGqF5:WDgxsJjiT55g/r2Tpj
                                                                                                                                                                                                                                                                                    MD5:9D6A98D53208092F687AD7BB3DBAED7D
                                                                                                                                                                                                                                                                                    SHA1:161D0689CA85147B356167F98EAD84783E331986
                                                                                                                                                                                                                                                                                    SHA-256:04BF402123BFA1C7E256A62A666C0488A42ACEB585C1A9A744341EBC6FDD9A7C
                                                                                                                                                                                                                                                                                    SHA-512:B85832A3DBF5C97870683A655E2CB0F00C04DA4907644561894BB34DE9756334E60CAF75F0CB42E43692BF00C5EF3CFBE6D2E8F7802FFED8E6948757D2DE3E5A
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):571551
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.489447532911186
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:6144:if1WFbCgp1nHaxa03K7UpKD93g/ahmOC2GzV6wAXaOV5jbt5sRqJoUaM5QIBCAL:wQAgnp03K7Up4g/a01JE3t5yUfvBCAL
                                                                                                                                                                                                                                                                                    MD5:851D55585CBC90143DD4C70EB4900574
                                                                                                                                                                                                                                                                                    SHA1:DA5DBD04CFEFE63D1DB69D7C6E19DAC34F379C39
                                                                                                                                                                                                                                                                                    SHA-256:DDBAFE037C6E7509650373D084BC0F198D3ABB7BFD93FAEDD5595F1B354EDC32
                                                                                                                                                                                                                                                                                    SHA-512:B1718430F3540F2455E93A1F6C47E92D7FEA99A9943E8C585EBD4DD807B5A4C1172BBDC83D434EE806C5FC3875B60D7EBDEB933D1CDE6DB50DCED9C0DAAFCD04
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1016551
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.766567786580532
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:24576:WStxYcxPdGgxh1hxFFiL9+YJXDsSaSmqHuuD2Np6P4j/MAVH8yeVd85tRDQr3egJ:TtxYcxPdGgxh1hxFFiL9+YJXDsSaSmqv
                                                                                                                                                                                                                                                                                    MD5:F497F06BC0430F2FA1E2BFFC32E2B9C5
                                                                                                                                                                                                                                                                                    SHA1:38141C3F85FD4A8FCF2A82B0DEB68BD93F062F60
                                                                                                                                                                                                                                                                                    SHA-256:B3CB15115252BBF1363B7231ED32309C9E2E5B6EEEC1B2BBC2700A49A26E56D0
                                                                                                                                                                                                                                                                                    SHA-512:C455DE6466A9FA535C685163A6B4540DC00EB51CC5565ADDFB0E124E3A29CD4AFEC7AB9DF7848C9D3A6C7F435E1CC761F74D8F162D8BC7378D086E96EFA2E705
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:CSV text
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1051021
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.4211132061857965
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:SDb4GbP8IrxcFMOCGHo2QZIZ40P7usnnR6yTgkXb2X:dTgkXO
                                                                                                                                                                                                                                                                                    MD5:82D7AB0FF6C34DB264FD6778818F42B1
                                                                                                                                                                                                                                                                                    SHA1:EB508BD01721BA67F7DAAD55BA8E7ACDB0A096EB
                                                                                                                                                                                                                                                                                    SHA-256:E84331E84CD61D8BDACC574D5186FB259C00467513AA3F2090406330F68A45DB
                                                                                                                                                                                                                                                                                    SHA-512:176458B03CC2B2D3711965CD277531E002AE55D284B6C9178D2353E268F882430235468E5A1E9E45C8427864D109CF30A024A993B4763A75FA2744F6E0A6AE2A
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:IDS_ACCESS_CODE_CAST_ACCESS_CODE_MESSAGE,1400,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_BACK,1401,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CAST,1402,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CONNECT,1403,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_DIALOG_TITLE,1404,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ENTER_CHARACTER,1405,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_ACCESS_CODE,1406,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_DIFFERENT_NETWORK,1407,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_NETWORK,1408,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_PERMISSION,1409,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_TOO_MANY_REQUESTS,1410,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_E
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):459985
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.5152848417450615
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:6144:HAeAGZgSZ+XKFELrqmjLCd3MP9ej7HXfaYISMv5n5CSEBcWRnFc:HjfZgseoEL5C3Ma7H6N5CSgc
                                                                                                                                                                                                                                                                                    MD5:F8EEEBF6B363D8578D769AA05FED5BA7
                                                                                                                                                                                                                                                                                    SHA1:12E8B6FE48CA49936769B766A9A13510D9569A20
                                                                                                                                                                                                                                                                                    SHA-256:1F7D3BEACD2A55F3BF2D3571BEF1D05FA333FADD9E6CA141C2525B0678824CDD
                                                                                                                                                                                                                                                                                    SHA-512:3AAE1B6881E50E88635336218D7C13ACF81687AD78FB902900746EB875D9DD29DBF83A1D51344DF617DD86E31BAAD04564460ECC48886308E742830412E8C71D
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:CSV text
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1051021
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.4211132061857965
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:SDb4GbP8IrxcFMOCGHo2QZIZ40P7usnnR6yTgkXb2X:dTgkXO
                                                                                                                                                                                                                                                                                    MD5:82D7AB0FF6C34DB264FD6778818F42B1
                                                                                                                                                                                                                                                                                    SHA1:EB508BD01721BA67F7DAAD55BA8E7ACDB0A096EB
                                                                                                                                                                                                                                                                                    SHA-256:E84331E84CD61D8BDACC574D5186FB259C00467513AA3F2090406330F68A45DB
                                                                                                                                                                                                                                                                                    SHA-512:176458B03CC2B2D3711965CD277531E002AE55D284B6C9178D2353E268F882430235468E5A1E9E45C8427864D109CF30A024A993B4763A75FA2744F6E0A6AE2A
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:IDS_ACCESS_CODE_CAST_ACCESS_CODE_MESSAGE,1400,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_BACK,1401,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CAST,1402,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CONNECT,1403,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_DIALOG_TITLE,1404,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ENTER_CHARACTER,1405,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_ACCESS_CODE,1406,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_DIFFERENT_NETWORK,1407,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_NETWORK,1408,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_PERMISSION,1409,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_TOO_MANY_REQUESTS,1410,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_E
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):464664
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.505055040425703
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:6144:V0BSJCCPeiISZuw3jcMP9eD3D9faYLbcNx5FSZngP/eXywB:8SJDPeDIjcMY3DzA5FSHywB
                                                                                                                                                                                                                                                                                    MD5:4B6300C27E7575C32888C1F3364D5346
                                                                                                                                                                                                                                                                                    SHA1:C5F5E1D3524ACC96FB4E18C08B02F54ABF83C3D4
                                                                                                                                                                                                                                                                                    SHA-256:0945C89B16D4FEBA346E85E14792B772DCC6278F7DCA7FB099A6100C93E79740
                                                                                                                                                                                                                                                                                    SHA-512:3F21B6F4A3E18755B355CE5F20384D549B3F723104A67C67AE521D2C4544AA3095FADA8855A0CC1A10E7C5BF3E8F55D061AB2DCEC210F76101A61D9484D4EE6F
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:CSV text
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1051021
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.4211132061857965
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:SDb4GbP8IrxcFMOCGHo2QZIZ40P7usnnR6yTgkXb2X:dTgkXO
                                                                                                                                                                                                                                                                                    MD5:82D7AB0FF6C34DB264FD6778818F42B1
                                                                                                                                                                                                                                                                                    SHA1:EB508BD01721BA67F7DAAD55BA8E7ACDB0A096EB
                                                                                                                                                                                                                                                                                    SHA-256:E84331E84CD61D8BDACC574D5186FB259C00467513AA3F2090406330F68A45DB
                                                                                                                                                                                                                                                                                    SHA-512:176458B03CC2B2D3711965CD277531E002AE55D284B6C9178D2353E268F882430235468E5A1E9E45C8427864D109CF30A024A993B4763A75FA2744F6E0A6AE2A
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:IDS_ACCESS_CODE_CAST_ACCESS_CODE_MESSAGE,1400,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_BACK,1401,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CAST,1402,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CONNECT,1403,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_DIALOG_TITLE,1404,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ENTER_CHARACTER,1405,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_ACCESS_CODE,1406,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_DIFFERENT_NETWORK,1407,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_NETWORK,1408,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_PERMISSION,1409,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_TOO_MANY_REQUESTS,1410,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_E
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1031027
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.210875521790238
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:24576:HmdiMRfFgJWHLboEFFRyYHiLNQTCvXTOnXv1x7S6a8wGi4ADjn1VtuYtP01+Z5zp:H/sm5z9v
                                                                                                                                                                                                                                                                                    MD5:D5A14353A7FCC1F199F9234BD4551FF9
                                                                                                                                                                                                                                                                                    SHA1:7476E2846B6C0D03338A074D7FE325BB468992FE
                                                                                                                                                                                                                                                                                    SHA-256:E5CFEBD81831A65CA268866A8EEADB334F64FA3B0853BD550E5BB69724408FBC
                                                                                                                                                                                                                                                                                    SHA-512:BCE4FB535509834EA32ACBA72FC22B76CE591F9B6C1C15207B023460F59E9BC6F65118F816A82D235E7F20E26BF822EA102C95B5DA71FCFF099D56215945BD27
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:CSV text
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1051021
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.4211132061857965
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:SDb4GbP8IrxcFMOCGHo2QZIZ40P7usnnR6yTgkXb2X:dTgkXO
                                                                                                                                                                                                                                                                                    MD5:82D7AB0FF6C34DB264FD6778818F42B1
                                                                                                                                                                                                                                                                                    SHA1:EB508BD01721BA67F7DAAD55BA8E7ACDB0A096EB
                                                                                                                                                                                                                                                                                    SHA-256:E84331E84CD61D8BDACC574D5186FB259C00467513AA3F2090406330F68A45DB
                                                                                                                                                                                                                                                                                    SHA-512:176458B03CC2B2D3711965CD277531E002AE55D284B6C9178D2353E268F882430235468E5A1E9E45C8427864D109CF30A024A993B4763A75FA2744F6E0A6AE2A
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:IDS_ACCESS_CODE_CAST_ACCESS_CODE_MESSAGE,1400,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_BACK,1401,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CAST,1402,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CONNECT,1403,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_DIALOG_TITLE,1404,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ENTER_CHARACTER,1405,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_ACCESS_CODE,1406,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_DIFFERENT_NETWORK,1407,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_NETWORK,1408,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_PERMISSION,1409,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_TOO_MANY_REQUESTS,1410,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_E
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):560321
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.366866302767652
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:6144:jjxzJ7FnfONzx0T8puYnKwoR5g6qLFYUudBm+u:nP8/pQj5g64F4Tu
                                                                                                                                                                                                                                                                                    MD5:AAB525A7681AE93791B283205064E2B4
                                                                                                                                                                                                                                                                                    SHA1:A021DBDCD3F269B77D7133F47B63906FFF794F76
                                                                                                                                                                                                                                                                                    SHA-256:5EF4BB4558102F2E39669208BECE79FD5B474E0A87C8A1EED5BCD6B13DA6C6FA
                                                                                                                                                                                                                                                                                    SHA-512:841CD903FCF716692FF1873EDAC4FEB5F8B907AFEC1D0DEBFABB39255A74B9B2096FAE3E562E95893DAC731EF46D07B12B6A441975042981CC88638B7673B435
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):559178
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.34611084339133
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:6144:tMTZMKZuHswv12Jp/bNg86ip3+UxojFtnj45vzr700Iu96PZrk8jb:AZMKUGVVLpzojTnj45brY0sb
                                                                                                                                                                                                                                                                                    MD5:078BD56804D26C26E9AA4F41BF6549F6
                                                                                                                                                                                                                                                                                    SHA1:B1B575D34769F35CF28158BCB40C92264DECC551
                                                                                                                                                                                                                                                                                    SHA-256:99389110A1497D3999E8CB5799A629A471D221E07C2818CEFEEDB1C95BF5A9F3
                                                                                                                                                                                                                                                                                    SHA-512:4108B3BDED940A7D3939EE68DD489A4453391BAE548285867B81A50217C248280111853A1EB6838B6C079A01A74D11CEE61E7F441CBC6D7BA91F1DFAE3EE602F
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):509452
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.455817407928288
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:6144:Z0izVKnUJ1HNRSUSx+DuM/Fb0WmFosQ4Eqsoh7Pwiw4dQH5ejnrlvCKMvaKWcEzn:vVKi7S65JmFosZtQH5ejJsW
                                                                                                                                                                                                                                                                                    MD5:45E28E64378FABED845EB242A8F1563D
                                                                                                                                                                                                                                                                                    SHA1:8FAA0651CA0D29596CA294DC448CB870D553C0FF
                                                                                                                                                                                                                                                                                    SHA-256:68386C75B1E414B5F94E1AA5EB9A98A42B6298177FABB834A8B9E96E1EF70A2D
                                                                                                                                                                                                                                                                                    SHA-512:3165EC45C2958C382832E4528D38966C28CA90C84777FD48D762FBD75F31FD52BD1B2C069BA4644504913219FAD5DDC08980F69DC67B9AB03D392AFC1321C339
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):825360
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.0557125829631335
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:24576:FqvG8u313uyqoT+s1qLpRmX1loT4RmdAQifaQ2XxFMJGk620dri1HMX9O9xdpxHk:Evpu55M
                                                                                                                                                                                                                                                                                    MD5:A13029CB1D5873121E6BDD0929A6C772
                                                                                                                                                                                                                                                                                    SHA1:7B88AE77DF959B8C01F5F00F2B0DFC30ED0A85EA
                                                                                                                                                                                                                                                                                    SHA-256:2527D1821D08E43D2F1259A1F910AF986632B8AEF9257D2FC37BC285AF7EE217
                                                                                                                                                                                                                                                                                    SHA-512:AF272D021316A71CF2A98126AF9CA993122B3B7B766C6D34003BCDC2FC5936BC4FAE95293B1D74FE35A0C81150D45E95ADABC4B34118974D214049FCDBEE74CA
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):517467
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.424845538875905
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:RKUtqd19KJOKu4ar5HZ7kfCHEpyWaZ7WYM:Ntq8S5HFHAl
                                                                                                                                                                                                                                                                                    MD5:E7B72F44D711DECE8E3043173A553AC4
                                                                                                                                                                                                                                                                                    SHA1:892424E4E011AAC47B068F9FD929B5E41BCCA525
                                                                                                                                                                                                                                                                                    SHA-256:5F1A9DF87400AF56F748026F3BAAA41756A4C42FCE4791AABFE2087441689340
                                                                                                                                                                                                                                                                                    SHA-512:A2907B8E12CCDD0FC5601C37F23CCD5556B4EAE18CB1833481D01B39B30EC643167B0C8295EC9EE8CE851B0C7968E83F9C47C6E1D4543A371A62485D1832835A
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):584976
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.195604084490558
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:6144:4ln56kcajNxYUC36tIQy7DQEuq2V8L0dnGNLmG5eXmi1YARFtK:KnAkcmqnxEG5omt
                                                                                                                                                                                                                                                                                    MD5:F7F3CC17509AF03E639E983A091C2026
                                                                                                                                                                                                                                                                                    SHA1:D36E61E50B5FA99BE2A3C3727AFEB142969C8308
                                                                                                                                                                                                                                                                                    SHA-256:5D586C9BFA38452CDFB50BF5D2E9B98E68A8E7CC73E4D641D8FD6BB3E7EC5712
                                                                                                                                                                                                                                                                                    SHA-512:5A2C037D0AFDC82A4ECA642F43CC10E0040B7F97BE9DA14A8F806970C1E07BEC9CD69AD816A91A41946F35FF7A760ACC65DF21F6CD9D365ACBBA345FF0C1FF70
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):606342
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.380118288987104
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:n2sEZLqUMDpDgEL6QuaMVWXKz05qlZQmZyMYnYtkL09ujzxRe5hxkJSW7v40wCJ/:zj2VIN5JL
                                                                                                                                                                                                                                                                                    MD5:326917C8F37FE85E58AD3DE991D17A78
                                                                                                                                                                                                                                                                                    SHA1:683ED0FB95F33DC2B095E774AD3DE84B0E4A63E3
                                                                                                                                                                                                                                                                                    SHA-256:CFA45E5F86F70AE4D47D82BCEC6C245E618212E67CE8B7BF0A1BE0BE41C6E6E8
                                                                                                                                                                                                                                                                                    SHA-512:3FDF2B1C8031A06D5140449E22861545CC80E1417A70558DB2ACAC25733AC156A0D7941B053A7CFFB2ED193BBE5E0CAE4F1F68437FA570C612BE606DD10ECAE1
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:CSV text
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1051021
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.4211132061857965
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:SDb4GbP8IrxcFMOCGHo2QZIZ40P7usnnR6yTgkXb2X:dTgkXO
                                                                                                                                                                                                                                                                                    MD5:82D7AB0FF6C34DB264FD6778818F42B1
                                                                                                                                                                                                                                                                                    SHA1:EB508BD01721BA67F7DAAD55BA8E7ACDB0A096EB
                                                                                                                                                                                                                                                                                    SHA-256:E84331E84CD61D8BDACC574D5186FB259C00467513AA3F2090406330F68A45DB
                                                                                                                                                                                                                                                                                    SHA-512:176458B03CC2B2D3711965CD277531E002AE55D284B6C9178D2353E268F882430235468E5A1E9E45C8427864D109CF30A024A993B4763A75FA2744F6E0A6AE2A
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:IDS_ACCESS_CODE_CAST_ACCESS_CODE_MESSAGE,1400,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_BACK,1401,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CAST,1402,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CONNECT,1403,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_DIALOG_TITLE,1404,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ENTER_CHARACTER,1405,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_ACCESS_CODE,1406,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_DIFFERENT_NETWORK,1407,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_NETWORK,1408,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_PERMISSION,1409,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_TOO_MANY_REQUESTS,1410,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_E
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1177779
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.338116428198543
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:3072:C3T12vbLPxCoYITYsRvc38ZUd02GHIwjAwREJKVMjNiT7llj63rhJXlPCKMi5eWt:dTbYITncQi02JCWJL5DAhc2T2
                                                                                                                                                                                                                                                                                    MD5:D77AEE1AB6AF4FC83813A69D3CA61E46
                                                                                                                                                                                                                                                                                    SHA1:C0786021AF8C8BBB083E9C4104B68BD28537893A
                                                                                                                                                                                                                                                                                    SHA-256:5D5E20C5F0CA21D8F1824EEBE8E595FAD4D0E601B224F4433B355A21B643971F
                                                                                                                                                                                                                                                                                    SHA-512:78C2589BC37594236D5B01C4C6C0CB934CF9CCAE15679159E1BCE64E3F5A3C903F9F7127D0DA8C317FD085A70EDFFDCAC413B4F2627BF14B862794B47BBA042A
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):728589
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.658856122190603
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:W5SDjhr3FluYMy31frspm29Wqu/kQl4JACVXbfeQCajLn5l67co+oiNB05elmmdi:W5SdY5/oP
                                                                                                                                                                                                                                                                                    MD5:04C846A7F65C1E95E49CFE69EC9EEB45
                                                                                                                                                                                                                                                                                    SHA1:78142FD5545EE76B1F90FF5DF6FB7C01D797F3D1
                                                                                                                                                                                                                                                                                    SHA-256:AFAFB0DADD253E7F665FCB0D9D562D243E32D774B6ABDF602B66734F310E689B
                                                                                                                                                                                                                                                                                    SHA-512:029F45EE02DAD7D3431B223F5516937E34D685026488BA2DBF7C43FFDEDD1240FA119C349E4F5052CA3FDE109215D6D8813A43297A7E4EDB5D9B063192AC775A
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1250127
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.3103395858193565
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:3072:AubcffOrA0yUdRSM7vyWYfbXpgTMoV/BB0ZV1d1AuxXRLiW3Jk1eTByntDPtDl+U:AuAf2E0yjUv3MlgTMJem05f5xhbv
                                                                                                                                                                                                                                                                                    MD5:114BBD0D21C90DDFCE1D6E26432B7B9C
                                                                                                                                                                                                                                                                                    SHA1:EBFC476B4D742D9FDF5D0E78996748497EB0B4FF
                                                                                                                                                                                                                                                                                    SHA-256:E2321752811548A92EF069E53ABE349CAA93BE5596A2579DDE65391EE7CF915B
                                                                                                                                                                                                                                                                                    SHA-512:6195FC185F8297CA1C38B79339F86F0788B342A90B0E98F1ED5883CBE61725000B1653E911EB749351BB74802B8E75199DCF0C95D903A4422755E809A6A1814D
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:CSV text
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1051021
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.4211132061857965
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:SDb4GbP8IrxcFMOCGHo2QZIZ40P7usnnR6yTgkXb2X:dTgkXO
                                                                                                                                                                                                                                                                                    MD5:82D7AB0FF6C34DB264FD6778818F42B1
                                                                                                                                                                                                                                                                                    SHA1:EB508BD01721BA67F7DAAD55BA8E7ACDB0A096EB
                                                                                                                                                                                                                                                                                    SHA-256:E84331E84CD61D8BDACC574D5186FB259C00467513AA3F2090406330F68A45DB
                                                                                                                                                                                                                                                                                    SHA-512:176458B03CC2B2D3711965CD277531E002AE55D284B6C9178D2353E268F882430235468E5A1E9E45C8427864D109CF30A024A993B4763A75FA2744F6E0A6AE2A
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:IDS_ACCESS_CODE_CAST_ACCESS_CODE_MESSAGE,1400,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_BACK,1401,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CAST,1402,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CONNECT,1403,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_DIALOG_TITLE,1404,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ENTER_CHARACTER,1405,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_ACCESS_CODE,1406,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_DIFFERENT_NETWORK,1407,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_NETWORK,1408,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_PERMISSION,1409,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_TOO_MANY_REQUESTS,1410,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_E
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):562949
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.503469092776888
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:3072:5pEDgLd6TlZ/9yZuYUapEXgaBV08L7SkK7D+wwWrDfB+uhAxqOSAq6+xMcwd0uPJ:HEDjTMzU0EV7xHwPBhbKBc5ag7yIjR/K
                                                                                                                                                                                                                                                                                    MD5:54308E58D399D0F1C4E66A4A4B6E3B59
                                                                                                                                                                                                                                                                                    SHA1:8DFCE74D45801654531C78E34CF6A6C2E4BA5556
                                                                                                                                                                                                                                                                                    SHA-256:8141D126CD8ED7CD29B998E4A778E81AEC043BC126B5D2B0FB62F95C5FBF1F62
                                                                                                                                                                                                                                                                                    SHA-512:33C74ACE0F430D2E7963512075007DCA70ADCDD43FCE31A27F925351CEB00CFECE329EC5E9B60DACFF7E28DA322FC9CEFF3FCD9AE3A7BB6655400F1A580C3EA2
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):605952
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.638270541961174
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:6144:n0L6iTfLsgtbgq0LcP9wHs8DfcAujkatvV5RvBFZfpduYG3b7ZNIeHK9njDi59Rj:iTfrtcFQA0V5RvBn0zzKY5u0vv
                                                                                                                                                                                                                                                                                    MD5:B7AA52653BBABCC713A03067E6FCFCC3
                                                                                                                                                                                                                                                                                    SHA1:B18CC0B968C4C0F156E33F5C493E6C09760161DD
                                                                                                                                                                                                                                                                                    SHA-256:244BE241E2FD68882ADB0C1A1C4AE93B1406AE22CCC14BCB37FC09FE3C2831A5
                                                                                                                                                                                                                                                                                    SHA-512:CB393247F79F1A6CDD685AD9729D0C7FD3BFADB5591CD822A4F92BA19448E50C148517DC0DDC14C37243CC0145A5AB17D27C45CCEBDCCB76CEC70C1B444D07C0
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):500354
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.374540321275158
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:6144:HDTG/Veh932Bmcwf/yG+wFZf+MVnjHF3mmi8IxZ5GZhWwkK5cTSzo7IEji4JHw:HHG8h94sXyMFTVnjHFWmNIb5GZhow
                                                                                                                                                                                                                                                                                    MD5:0EFA0011CE0365AE4AFC08753F559098
                                                                                                                                                                                                                                                                                    SHA1:6AFC5115DFC222F0F2B2265A591B571803787DCA
                                                                                                                                                                                                                                                                                    SHA-256:A780C4E8E48CBDF2064CFF3E9E025103739B3763E3B82DDD99C97DFFF8FB1CE2
                                                                                                                                                                                                                                                                                    SHA-512:21C34901F5260606F14FE0E004851AF4DFA6960C28872417FB995ADAC4B2652609D9C0F5F30C0F76F4287217ADCDC0ACF1545CBD4E5A6F4B15565668840BCB75
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:CSV text
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1051021
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.4211132061857965
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:SDb4GbP8IrxcFMOCGHo2QZIZ40P7usnnR6yTgkXb2X:dTgkXO
                                                                                                                                                                                                                                                                                    MD5:82D7AB0FF6C34DB264FD6778818F42B1
                                                                                                                                                                                                                                                                                    SHA1:EB508BD01721BA67F7DAAD55BA8E7ACDB0A096EB
                                                                                                                                                                                                                                                                                    SHA-256:E84331E84CD61D8BDACC574D5186FB259C00467513AA3F2090406330F68A45DB
                                                                                                                                                                                                                                                                                    SHA-512:176458B03CC2B2D3711965CD277531E002AE55D284B6C9178D2353E268F882430235468E5A1E9E45C8427864D109CF30A024A993B4763A75FA2744F6E0A6AE2A
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:IDS_ACCESS_CODE_CAST_ACCESS_CODE_MESSAGE,1400,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_BACK,1401,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CAST,1402,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CONNECT,1403,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_DIALOG_TITLE,1404,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ENTER_CHARACTER,1405,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_ACCESS_CODE,1406,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_DIFFERENT_NETWORK,1407,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_NETWORK,1408,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_PERMISSION,1409,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_TOO_MANY_REQUESTS,1410,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_E
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):558299
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.272942823509238
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:6144:qrF11tFO6w7oWhI7xO2/IJ/jNLiISIqRRRsO1StiRT9TjexKqcQxLcaPpzHi9fLN:u1tFFehoXFZxR8g26sjoh59koF
                                                                                                                                                                                                                                                                                    MD5:12FFE0FC0BE1B4134F219BD3B6D8F550
                                                                                                                                                                                                                                                                                    SHA1:DC14159AEA6643FEED260C3E3EB9BF4286FFFD9C
                                                                                                                                                                                                                                                                                    SHA-256:4FFAADC42BB0F78B78061EEC23B39BEBF34BA3B9B4F2CD0415FD3C94B2C828D3
                                                                                                                                                                                                                                                                                    SHA-512:423EB3AA074617C8FB64EA909CF860C8706B73B5CBC97D85D21E9298DC53CF9451DECCB1DE45B19377E8E2461D78282D587264340BCE8F487AD48B0DDEE55123
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:CSV text
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1051021
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.4211132061857965
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:SDb4GbP8IrxcFMOCGHo2QZIZ40P7usnnR6yTgkXb2X:dTgkXO
                                                                                                                                                                                                                                                                                    MD5:82D7AB0FF6C34DB264FD6778818F42B1
                                                                                                                                                                                                                                                                                    SHA1:EB508BD01721BA67F7DAAD55BA8E7ACDB0A096EB
                                                                                                                                                                                                                                                                                    SHA-256:E84331E84CD61D8BDACC574D5186FB259C00467513AA3F2090406330F68A45DB
                                                                                                                                                                                                                                                                                    SHA-512:176458B03CC2B2D3711965CD277531E002AE55D284B6C9178D2353E268F882430235468E5A1E9E45C8427864D109CF30A024A993B4763A75FA2744F6E0A6AE2A
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:IDS_ACCESS_CODE_CAST_ACCESS_CODE_MESSAGE,1400,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_BACK,1401,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CAST,1402,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CONNECT,1403,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_DIALOG_TITLE,1404,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ENTER_CHARACTER,1405,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_ACCESS_CODE,1406,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_DIFFERENT_NETWORK,1407,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_NETWORK,1408,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_PERMISSION,1409,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_TOO_MANY_REQUESTS,1410,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_E
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):677279
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.7261443457831875
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:6144:5mNTLdjIcq5eHWv0WSGRBZ6Q2T+NbX5+Fo1Vi:5mNTxqe2ccBZ6Q2T+h5+FF
                                                                                                                                                                                                                                                                                    MD5:A92DA679A63FB99BB5F3BCF829168D21
                                                                                                                                                                                                                                                                                    SHA1:F15AA9BA6A952490DD881C82DED179FE03E50E80
                                                                                                                                                                                                                                                                                    SHA-256:F78FEB7523A3B4C795AC02EB66FD455B0F490257549D681B7AA07255E99AB9D9
                                                                                                                                                                                                                                                                                    SHA-512:3055528033206B6F32371A1BA05633614C0A3A9AF4FE2326FA3E6689BF535D5D540D926E08963FB668B02EEFF216DC2ECABED035C821C83E5D96CD2ED1531835
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:CSV text
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1051021
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.4211132061857965
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:SDb4GbP8IrxcFMOCGHo2QZIZ40P7usnnR6yTgkXb2X:dTgkXO
                                                                                                                                                                                                                                                                                    MD5:82D7AB0FF6C34DB264FD6778818F42B1
                                                                                                                                                                                                                                                                                    SHA1:EB508BD01721BA67F7DAAD55BA8E7ACDB0A096EB
                                                                                                                                                                                                                                                                                    SHA-256:E84331E84CD61D8BDACC574D5186FB259C00467513AA3F2090406330F68A45DB
                                                                                                                                                                                                                                                                                    SHA-512:176458B03CC2B2D3711965CD277531E002AE55D284B6C9178D2353E268F882430235468E5A1E9E45C8427864D109CF30A024A993B4763A75FA2744F6E0A6AE2A
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:IDS_ACCESS_CODE_CAST_ACCESS_CODE_MESSAGE,1400,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_BACK,1401,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CAST,1402,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CONNECT,1403,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_DIALOG_TITLE,1404,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ENTER_CHARACTER,1405,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_ACCESS_CODE,1406,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_DIFFERENT_NETWORK,1407,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_NETWORK,1408,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_PERMISSION,1409,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_TOO_MANY_REQUESTS,1410,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_E
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1341496
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.250874916501427
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:v/9cYunn57Dz6f03QIBR0UInI7L5IazUG4pt+h9lcQ:nCYu5i25PUS
                                                                                                                                                                                                                                                                                    MD5:F13C1631BB1E180C07CB10C5142CEC74
                                                                                                                                                                                                                                                                                    SHA1:BD3B971893D3CE2206EDD040ED0EAB9BA010BD18
                                                                                                                                                                                                                                                                                    SHA-256:3A63D9B5BDECE8442ACA6971771A660BCEAE995CA96394FA88B024FEF3C93BF7
                                                                                                                                                                                                                                                                                    SHA-512:9122A55CE0E09ADAFE0162337B518228441D9A852E68761BFB62B656415F25386B3DB41279699F8035BE3BB3EA003FCBA91B5D5FC6EC538EF79E9486A488280A
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:CSV text
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1051021
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.4211132061857965
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:SDb4GbP8IrxcFMOCGHo2QZIZ40P7usnnR6yTgkXb2X:dTgkXO
                                                                                                                                                                                                                                                                                    MD5:82D7AB0FF6C34DB264FD6778818F42B1
                                                                                                                                                                                                                                                                                    SHA1:EB508BD01721BA67F7DAAD55BA8E7ACDB0A096EB
                                                                                                                                                                                                                                                                                    SHA-256:E84331E84CD61D8BDACC574D5186FB259C00467513AA3F2090406330F68A45DB
                                                                                                                                                                                                                                                                                    SHA-512:176458B03CC2B2D3711965CD277531E002AE55D284B6C9178D2353E268F882430235468E5A1E9E45C8427864D109CF30A024A993B4763A75FA2744F6E0A6AE2A
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:IDS_ACCESS_CODE_CAST_ACCESS_CODE_MESSAGE,1400,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_BACK,1401,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CAST,1402,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CONNECT,1403,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_DIALOG_TITLE,1404,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ENTER_CHARACTER,1405,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_ACCESS_CODE,1406,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_DIFFERENT_NETWORK,1407,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_NETWORK,1408,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_PERMISSION,1409,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_TOO_MANY_REQUESTS,1410,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_E
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):569413
                                                                                                                                                                                                                                                                                    Entropy (8bit):6.084713993678112
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:OA7Ny//OV2Ngi7QFIyjxMSVG0GTin8t8OQ4E3hvaYrSCqD5tEp7YqGT8U13Xq7hy:OA7Ny/oZO5L8frCT
                                                                                                                                                                                                                                                                                    MD5:E8448C3D352C76C1C0F2B9F508852D9A
                                                                                                                                                                                                                                                                                    SHA1:2B7FE9F0A49FE3428E467A4214D0E7EC79CF7B52
                                                                                                                                                                                                                                                                                    SHA-256:30D515F2E086A7773DD3C7B5E6504729B6D91D9FA7174C3226EB3553F900BBF2
                                                                                                                                                                                                                                                                                    SHA-512:AE4144323E7EB2C2C97F336EE144C0C739CB5500F7FF382469CB4CE33DBAE35078EACD85F50381912C9D4367DFC9CBCB6C7C7BCE8314A0351B14F950A2209184
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):611429
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.6299671018290445
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:QQtetgAZbMAUbgO9aG1DT/G57szII1JgNf6SMM:QDgiMQzOG55IngN/
                                                                                                                                                                                                                                                                                    MD5:F6F5B593C91B7820C9552FFDDFAC03FC
                                                                                                                                                                                                                                                                                    SHA1:D771AC14A49C7654043D0AE2DC52239BF4636F65
                                                                                                                                                                                                                                                                                    SHA-256:FFE7EAC4BC39085977C28BF8BA0060B9A12471C3914A30DF1C46305926242BB6
                                                                                                                                                                                                                                                                                    SHA-512:45D3580D456F6972259055BFFEDE8745C922DFE2703BCF3A545E73211164E3CA594A56330A2A17EC373AB060C05A7776D88DFBAB5014081948A5F89A849F793C
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):610750
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.626685122127425
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:6144:IbsBLMwr28cTB6aTmNstVFpM6Y97vccj/kbO153ySAbEwT4757esFOHAYXSIENAs:FL8PXVY9rrV15SEwTW5tOmAhm
                                                                                                                                                                                                                                                                                    MD5:8D8244CEA7D00E7502CFC62908147BB7
                                                                                                                                                                                                                                                                                    SHA1:2ECF5C264208555EC5BD4530544CC0AEE99F558F
                                                                                                                                                                                                                                                                                    SHA-256:C9722A6B132E9EF5BCA53565BCBC2CB3C40CB8954F2286250AD15FAFC0D2DCC1
                                                                                                                                                                                                                                                                                    SHA-512:B5B98ADE8D7EA25477D12CBEB6B1F07FEC5625583B8CC695755195B1EEF0D380C72AE4609955D230B4FD6109AA6B778421E7EAE9D7086FEC03CFF93C93D91791
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:CSV text
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1051021
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.4211132061857965
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:SDb4GbP8IrxcFMOCGHo2QZIZ40P7usnnR6yTgkXb2X:dTgkXO
                                                                                                                                                                                                                                                                                    MD5:82D7AB0FF6C34DB264FD6778818F42B1
                                                                                                                                                                                                                                                                                    SHA1:EB508BD01721BA67F7DAAD55BA8E7ACDB0A096EB
                                                                                                                                                                                                                                                                                    SHA-256:E84331E84CD61D8BDACC574D5186FB259C00467513AA3F2090406330F68A45DB
                                                                                                                                                                                                                                                                                    SHA-512:176458B03CC2B2D3711965CD277531E002AE55D284B6C9178D2353E268F882430235468E5A1E9E45C8427864D109CF30A024A993B4763A75FA2744F6E0A6AE2A
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:IDS_ACCESS_CODE_CAST_ACCESS_CODE_MESSAGE,1400,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_BACK,1401,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CAST,1402,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CONNECT,1403,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_DIALOG_TITLE,1404,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ENTER_CHARACTER,1405,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_ACCESS_CODE,1406,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_DIFFERENT_NETWORK,1407,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_NETWORK,1408,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_PERMISSION,1409,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_TOO_MANY_REQUESTS,1410,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_E
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1394062
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.285571867304228
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:MYNjRdBR8QA2cMmsbbAx4LJxFq/ixn9mMy6UQ6KfUBp/AZCBEmeyo3ewhp5O47uW:RZRltMTKfUBpUyo3eo5O47xs4+3e
                                                                                                                                                                                                                                                                                    MD5:979090995F7F9DBFA9FA9A96349DA745
                                                                                                                                                                                                                                                                                    SHA1:6D9425EB6D3FF6B433A2FFD89DFFB3AEDCDE3588
                                                                                                                                                                                                                                                                                    SHA-256:C27AC1727F3A3A25ABED09CBF07DA604DD1C42A1855851E63DFCDC9831091EDD
                                                                                                                                                                                                                                                                                    SHA-512:4D734D7903DD4C39A2392EDA7B6A65929E61FE105ED843718D5CAF8D93DA9FF14A8908B896425335FCE9CA5AE717C29C80E7D85A2A6B80DF9F4FAC8F7A558F38
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1147816
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.319695697825778
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:6144:p+xh0ke1h+Fnhb0paSpgKZmTDAyyLj5QpYGde:p+TUA0paSppZ+Ayyf5QpYGde
                                                                                                                                                                                                                                                                                    MD5:7862ABEC5008FAC0A8924B65B3058C05
                                                                                                                                                                                                                                                                                    SHA1:BC6A3F405835E3F3290CB521CA2A9AC85EAECDC4
                                                                                                                                                                                                                                                                                    SHA-256:44056C45DE472FF1A5037FC24CC2417218CF4FA500B6A7158BD8AA221268B69F
                                                                                                                                                                                                                                                                                    SHA-512:C91A1DCC08EAECF7F99B37684E02F3F89D18DBAF24B2BF3849CE78965A38E8A995ABBA03C0F8F20420AA15519439F0C662165BAA6A31BFE3CF994AA51F67C8F8
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):524044
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.251286724342732
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:6144:SgRSValNdUMLjehAr7nQjBx7+27fldjiMIUcGm95AIHxOMVLLEWVHs:SOSmu0jeAnEx7BldPc95n0Mu
                                                                                                                                                                                                                                                                                    MD5:5EE8AEFF66C42600D73F9CB7D8366CCE
                                                                                                                                                                                                                                                                                    SHA1:DAB706F52B7F6099286D659EFC24ADBAD9F5A4F2
                                                                                                                                                                                                                                                                                    SHA-256:A87B9926FBC7C17D884ABE1D8E4B81335476B00FFE76196E38AF8542E2D7881D
                                                                                                                                                                                                                                                                                    SHA-512:96145B505C3726878162EF4AE328F08888F1CBCF3C3D8AADFCE4E72398651D1B120C4D219176E107F99BD682D968D3C8F02AA8BF600007033AAC07064127A8EA
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:CSV text
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1051021
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.4211132061857965
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:SDb4GbP8IrxcFMOCGHo2QZIZ40P7usnnR6yTgkXb2X:dTgkXO
                                                                                                                                                                                                                                                                                    MD5:82D7AB0FF6C34DB264FD6778818F42B1
                                                                                                                                                                                                                                                                                    SHA1:EB508BD01721BA67F7DAAD55BA8E7ACDB0A096EB
                                                                                                                                                                                                                                                                                    SHA-256:E84331E84CD61D8BDACC574D5186FB259C00467513AA3F2090406330F68A45DB
                                                                                                                                                                                                                                                                                    SHA-512:176458B03CC2B2D3711965CD277531E002AE55D284B6C9178D2353E268F882430235468E5A1E9E45C8427864D109CF30A024A993B4763A75FA2744F6E0A6AE2A
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:IDS_ACCESS_CODE_CAST_ACCESS_CODE_MESSAGE,1400,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_BACK,1401,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CAST,1402,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CONNECT,1403,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_DIALOG_TITLE,1404,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ENTER_CHARACTER,1405,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_ACCESS_CODE,1406,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_DIFFERENT_NETWORK,1407,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_NETWORK,1408,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_PERMISSION,1409,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_TOO_MANY_REQUESTS,1410,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_E
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):508553
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.428763068409714
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:h63MVtpURb8w5Op7fQ9S8GNxRV5/n4FJFEWt:h63MVXUa65GNxRV5f4jFP
                                                                                                                                                                                                                                                                                    MD5:40B668B73BBF3575D009F3D528D388E5
                                                                                                                                                                                                                                                                                    SHA1:E7186E4796216615F388C8A8058D898C4913F2FD
                                                                                                                                                                                                                                                                                    SHA-256:8813FA272B1A12042C75B97848605C8DA7D306AC7AAA4F231D41EE98D9E70538
                                                                                                                                                                                                                                                                                    SHA-512:8858E78493FBDBE1B2B99BCE75DAAC585F40EEA2612D80D82850F7957F0EF69C3A1F3DC7C011427CB1E64CD667031DEBD3B3D160BB9C2146224377A99B74798A
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:CSV text
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1051021
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.4211132061857965
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:SDb4GbP8IrxcFMOCGHo2QZIZ40P7usnnR6yTgkXb2X:dTgkXO
                                                                                                                                                                                                                                                                                    MD5:82D7AB0FF6C34DB264FD6778818F42B1
                                                                                                                                                                                                                                                                                    SHA1:EB508BD01721BA67F7DAAD55BA8E7ACDB0A096EB
                                                                                                                                                                                                                                                                                    SHA-256:E84331E84CD61D8BDACC574D5186FB259C00467513AA3F2090406330F68A45DB
                                                                                                                                                                                                                                                                                    SHA-512:176458B03CC2B2D3711965CD277531E002AE55D284B6C9178D2353E268F882430235468E5A1E9E45C8427864D109CF30A024A993B4763A75FA2744F6E0A6AE2A
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:IDS_ACCESS_CODE_CAST_ACCESS_CODE_MESSAGE,1400,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_BACK,1401,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CAST,1402,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CONNECT,1403,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_DIALOG_TITLE,1404,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ENTER_CHARACTER,1405,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_ACCESS_CODE,1406,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_DIFFERENT_NETWORK,1407,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_NETWORK,1408,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_PERMISSION,1409,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_TOO_MANY_REQUESTS,1410,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_E
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):525362
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.366124885898627
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:TZpCbai+lbWusvbgQ5Pax5ttonxEGp7KY8OTy:3Cmi+lbWusB5Pax5tenxEGp7KYH2
                                                                                                                                                                                                                                                                                    MD5:6E38F51EBC9B4AF616C984ACFEF7323E
                                                                                                                                                                                                                                                                                    SHA1:1D871E09B051CDF1429FBB68FC43B7631DAD9438
                                                                                                                                                                                                                                                                                    SHA-256:E3ED1D14209965FACA5AC6A2B4026A4A28D21F5096E0C44943E731279190D540
                                                                                                                                                                                                                                                                                    SHA-512:4124F5ED6E9AC7701837AAE5458DB96DF8303FFF05ECBAB40D938CF0FDE3C5F2F696D07F0BE2227040A14336D2701F8A76342550419630F51C073070DC705492
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:CSV text
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1051021
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.4211132061857965
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:SDb4GbP8IrxcFMOCGHo2QZIZ40P7usnnR6yTgkXb2X:dTgkXO
                                                                                                                                                                                                                                                                                    MD5:82D7AB0FF6C34DB264FD6778818F42B1
                                                                                                                                                                                                                                                                                    SHA1:EB508BD01721BA67F7DAAD55BA8E7ACDB0A096EB
                                                                                                                                                                                                                                                                                    SHA-256:E84331E84CD61D8BDACC574D5186FB259C00467513AA3F2090406330F68A45DB
                                                                                                                                                                                                                                                                                    SHA-512:176458B03CC2B2D3711965CD277531E002AE55D284B6C9178D2353E268F882430235468E5A1E9E45C8427864D109CF30A024A993B4763A75FA2744F6E0A6AE2A
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:IDS_ACCESS_CODE_CAST_ACCESS_CODE_MESSAGE,1400,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_BACK,1401,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CAST,1402,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CONNECT,1403,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_DIALOG_TITLE,1404,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ENTER_CHARACTER,1405,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_ACCESS_CODE,1406,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_DIFFERENT_NETWORK,1407,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_NETWORK,1408,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_PERMISSION,1409,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_TOO_MANY_REQUESTS,1410,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_E
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):587942
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.759897632158159
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:l2o5czDWoOB/kbwvGfQfR6HAEbFVP+CUdCe3mUUFMAmW1Qh4Mh5vJ14scsy:woGYabMe1Qhz5cR
                                                                                                                                                                                                                                                                                    MD5:2D6468A89698A05B8522F679825572D3
                                                                                                                                                                                                                                                                                    SHA1:52EC81BC896051ED8A865B44C58F82EABA6B89B9
                                                                                                                                                                                                                                                                                    SHA-256:477E505459C80A8477FA6EF1B8A0FAF16C5E450B69CF922C37BBE020A088E695
                                                                                                                                                                                                                                                                                    SHA-512:59A95F05D071C739D4DC1456B856D0283AD3D99AC35EC300EC38E76AB236BA6D6E83598D0823D46C07D62EE0457F2958C682F4EFA3EADB824A254F48387EC538
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:CSV text
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1051021
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.4211132061857965
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:SDb4GbP8IrxcFMOCGHo2QZIZ40P7usnnR6yTgkXb2X:dTgkXO
                                                                                                                                                                                                                                                                                    MD5:82D7AB0FF6C34DB264FD6778818F42B1
                                                                                                                                                                                                                                                                                    SHA1:EB508BD01721BA67F7DAAD55BA8E7ACDB0A096EB
                                                                                                                                                                                                                                                                                    SHA-256:E84331E84CD61D8BDACC574D5186FB259C00467513AA3F2090406330F68A45DB
                                                                                                                                                                                                                                                                                    SHA-512:176458B03CC2B2D3711965CD277531E002AE55D284B6C9178D2353E268F882430235468E5A1E9E45C8427864D109CF30A024A993B4763A75FA2744F6E0A6AE2A
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:IDS_ACCESS_CODE_CAST_ACCESS_CODE_MESSAGE,1400,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_BACK,1401,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CAST,1402,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CONNECT,1403,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_DIALOG_TITLE,1404,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ENTER_CHARACTER,1405,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_ACCESS_CODE,1406,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_DIFFERENT_NETWORK,1407,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_NETWORK,1408,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_PERMISSION,1409,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_TOO_MANY_REQUESTS,1410,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_E
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):551569
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.417670979179483
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:6144:fl4UKe4ouC2NBXBL1WkoyVH5gcJBM90sRaY5K/:WzeRf+5TJ/sR15G
                                                                                                                                                                                                                                                                                    MD5:FBD585195E35E49C60A9190FBF815E86
                                                                                                                                                                                                                                                                                    SHA1:F88FE564784D0441A304A4B126DE27FB2B0412EE
                                                                                                                                                                                                                                                                                    SHA-256:ED647E78BC3E89A6322A7198DD1875034AC3CDA355BA6837EA0D4686D56712CD
                                                                                                                                                                                                                                                                                    SHA-512:22596E824D2226C8E0773F323FDDCB1A0C7523EE2077C38205EDB5B11EF15DE3C5768B8C598A781BDC49BE91C3B1B22BA92C3DA5E0BE6ACB5DF42670487E68E0
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):555353
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.392038775374042
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:6144:B2lInvsb1Nq9rX7YZieJVJJxhQ3shYfVh85IKlbSRDF:EAvsb3qdXj85IK1SRB
                                                                                                                                                                                                                                                                                    MD5:C64146716C2A401FEC538E4C79785144
                                                                                                                                                                                                                                                                                    SHA1:3C5D0B45225A39A65C0345E5C98A4E539D807FE1
                                                                                                                                                                                                                                                                                    SHA-256:904189CAAEF1E278EE31432F8995BFC150975250FA355683E1CEF1B5C79D3BF3
                                                                                                                                                                                                                                                                                    SHA-512:CE8336F4C83E47779169B3F875D8910F7C30CF7BCA2CF77C398C37E32FDC8C01A43B5EF74CFD03C3ABE8E3979454EBB1396CEA7449640025423D2B1F565A5C0C
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):574388
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.451836104471441
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:6144:NTIexSy0/AfWKXEjvyJe/FoMxOINkjK0yGZq5BZyo2cs2V/qE53:NTIeTOKXEuJUFoyO/u0zq5BAor/d3
                                                                                                                                                                                                                                                                                    MD5:C613CAB2C2D6AC5B88E21FCB65671F19
                                                                                                                                                                                                                                                                                    SHA1:291D545427FEAF8DA9DD75679ADA1BB70C66EB47
                                                                                                                                                                                                                                                                                    SHA-256:8EDD01CC74EB965CFA4CB35249097D114F554B8D80883D7C7E335A857F33A810
                                                                                                                                                                                                                                                                                    SHA-512:1E826936C1636F7D5DA9870DD362984E2DEDB8F3BFFE3F64D8615BC955F4A1C2E988E7FB60387743949C200DF073FBB7B27DC3B6A66BA9D7950571CA2DD2FE57
                                                                                                                                                                                                                                                                                    Malicious:false
Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
File Type:data
Category:dropped
Size (bytes):941599
Entropy (8bit):4.851052751447414
Encrypted:false
SSDEEP:12288:tqeL4fQjRo4Y+5NMx/K69zJ9ZFdAal2a4qSGsN9z/0TYH8eXN2hVO3j/tSbzvMBS:tKgk5b6tS
MD5:36D9CBBB31930EB5B78378EC63751BE6
SHA1:5D123C38941CC4E59570254909291B29970F0CE1
SHA-256:DE90BA6507DC032C853FC61BDBF9218A29FF70379B571B1F4F3D7A28C3902479
SHA-512:EACCC7FBDF3E9D9C9EB1A602C1BF17C8BAFC920EBD058C4D2C496B95BB1B3FABCDFC87D1747BFD8CD404DE75C887038A99717BE7960BC808B632039EC9F80A06
Malicious:false
Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
File Type:data
Category:dropped
Size (bytes):592404
Entropy (8bit):5.807054231111397
Encrypted:false
SSDEEP:12288:phWgwEC/qsIkBr7iIip+RC5y+dbLxrQzLPxt9eH:zWR/qsx7iCC5NLaBtEH
MD5:59822645439846B0A211C8566E7CF90E
SHA1:F4EDAE1B34DF718FD72EBEBD6DC9E36CFEF95584
SHA-256:60319C30E94770472017E83ED0309A8F134F0D60E38261F53517EA23E9658C09
SHA-512:E2A7295BBFD5E721C765F90FAE0AD1420902A916E837E1B0BD564BB9EB553908EADEA58739F21D75C9F38CD3D1E821DCF14545884462FAA3F70617AFC764B84A
Malicious:false
Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
File Type:data
Category:dropped
Size (bytes):568760
Entropy (8bit):5.4785168337779435
Encrypted:false
SSDEEP:12288:1Hr7a+NC5qB2r+JpEE5U8c2JHvbxi/fz8lqc:1L+UC5fyEE5U8cAi/fz87
MD5:970F310ACBAFA4A29E0CFA5C979DF397
SHA1:B1C20EEFC61785C3CBAF7D6D3B5FD2B144CC1EF5
SHA-256:B4EFD0CE0957A00E2E617A3E595B471ADFDFBDEE333C14BA41B8DC8BB5653324
SHA-512:D1DF03814C42819F94A7CF3FA54D699AC8A844C69303CEAED97BA3D3512406161F011120395904B473EACA29D8959B9A14C85D90A880508611E80A46B9D97575
Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):872667
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.788135484665425
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:i5s/IU2p79qWYZAYI8dlSDdrPuzQhrUPb7FW5fZPT0xT7xH47L37SjeUM/k/3:IsZhYIlW5exxB
                                                                                                                                                                                                                                                                                    MD5:5E439D9D281D90569CD4AA231FC8B287
                                                                                                                                                                                                                                                                                    SHA1:AA8D4E28770F430DD7F93E2B9879748A97C74FB0
                                                                                                                                                                                                                                                                                    SHA-256:9082215832960416F3E6B43D2F76869A8632506BFE3A806A1B46C858B1370806
                                                                                                                                                                                                                                                                                    SHA-512:C9491A35C082B1BB7C08B732D6F07DBFFA5BB955988141D3C56D3F482D9FA74763EB196AA7F37445808163AB790A0B23091C06F81EBACB94BD164DC72B01A71C
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):512705
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.538975019723545
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:6144:UoQDiRIZXEr1COYNcNUAvSrZxkmvZl1HI4RFcz9RyoxGOGW3IiRMaSOmDE/xWcqX:DQDRZXllNcGrjr5O57ze
                                                                                                                                                                                                                                                                                    MD5:D31FED9E04F8915045F6A2CC7BD4C9FE
                                                                                                                                                                                                                                                                                    SHA1:8C68186DC5463D4E45889E8DE021536110B09453
                                                                                                                                                                                                                                                                                    SHA-256:931598B71AD77874A64294614BA73B426A717F343674FCEB7BAEE227D4413B9D
                                                                                                                                                                                                                                                                                    SHA-512:3C9D2F8F655006722AC5B08E8575EDAC9CCE21061B3A8696B8E772734A12BBFE04C53838DEC475887DBC82501E90A8799ACE71DC49BA05CF766037D001852493
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):539452
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.338235032300934
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:pGnHmfiscrB5G7CCRdCAUQbQW4243xaKFNUq89F1ggt45JUAcwg6yJMkJPe/Bmqa:pSoo5GH
                                                                                                                                                                                                                                                                                    MD5:F0314E8F5AF94C845AB4218468AF3454
                                                                                                                                                                                                                                                                                    SHA1:4ABFA3D5D114AE89CB449F83C1267DA3DB0EF8BE
                                                                                                                                                                                                                                                                                    SHA-256:0CE0651A673A250FA86E6A9DF4EC490C832F045E07617343F015599687AA84E8
                                                                                                                                                                                                                                                                                    SHA-512:11E6CA00ACD7D65495F7C04BA5E558DAAD835C48BD230F616DE62954B9E10FC45E816E049E1ADB858B29D335DA08808B560F04C8A6AED83B62ED722F1968C08F
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1387366
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.061553280377292
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:6144:cyu/keC6jicF5ZzVtR6cA25tm1vYpiMyg:Yj9F5ZzUcA25tm1vYpiMyg
                                                                                                                                                                                                                                                                                    MD5:4411E4698E279FB95ADEA7BE9625F800
                                                                                                                                                                                                                                                                                    SHA1:A3C655D334442CF5EF106B92F9778C9B3FBC252A
                                                                                                                                                                                                                                                                                    SHA-256:BEABEEA92C3FB9C52C22BADD99D686F1690E3574C75CD7A886320FB2CAC53D92
                                                                                                                                                                                                                                                                                    SHA-512:4406ADF5F7BEB86A49695FFF0A3E92E108AC2EE4DAAE46821C74164018FBD72E6D1DDA7C3B689B30A1F19C17B13B0C1BF0537C966ABE88137A0135D04483BF41
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:CSV text
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1051021
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.4211132061857965
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:SDb4GbP8IrxcFMOCGHo2QZIZ40P7usnnR6yTgkXb2X:dTgkXO
                                                                                                                                                                                                                                                                                    MD5:82D7AB0FF6C34DB264FD6778818F42B1
                                                                                                                                                                                                                                                                                    SHA1:EB508BD01721BA67F7DAAD55BA8E7ACDB0A096EB
                                                                                                                                                                                                                                                                                    SHA-256:E84331E84CD61D8BDACC574D5186FB259C00467513AA3F2090406330F68A45DB
                                                                                                                                                                                                                                                                                    SHA-512:176458B03CC2B2D3711965CD277531E002AE55D284B6C9178D2353E268F882430235468E5A1E9E45C8427864D109CF30A024A993B4763A75FA2744F6E0A6AE2A
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:IDS_ACCESS_CODE_CAST_ACCESS_CODE_MESSAGE,1400,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_BACK,1401,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CAST,1402,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CONNECT,1403,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_DIALOG_TITLE,1404,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ENTER_CHARACTER,1405,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_ACCESS_CODE,1406,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_DIFFERENT_NETWORK,1407,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_NETWORK,1408,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_PERMISSION,1409,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_TOO_MANY_REQUESTS,1410,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_E
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1281329
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.31693967998977
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:lGfZBWX7McKNsC1ot59d4e/gb0HrWs05Bk3p1FZNViFlJ2wtg+NFqhrOlHXAAFwG:cxBWVZd57MkC
                                                                                                                                                                                                                                                                                    MD5:443D47F30632512C7E5A6E142D2A3CA3
                                                                                                                                                                                                                                                                                    SHA1:98730D4194266544C204E11E30C1817A5C8DFAE6
                                                                                                                                                                                                                                                                                    SHA-256:12267195833FF2F15F99947478C75EEB18923EB125AAF7118A0F398045636E33
                                                                                                                                                                                                                                                                                    SHA-512:34A02D50B300E8283A896BA492277FB6D2C16BFEEF88B30344C803D060DC50FA638BECA10F5113EBFE23D6E5882D82D072303112008FA721FF20EA087385C71C
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1076392
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.3678914271676845
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:lk8N9LyZYAST4z1L/L1XPVLsbhRy1cW+v1H5UJEyL3ftj8wlz9eTRo98GkK9uLAR:lip5h5F
                                                                                                                                                                                                                                                                                    MD5:ABFAD720A09628E229EE75C14DCC1DEE
                                                                                                                                                                                                                                                                                    SHA1:80A075F9714D4C3BAFF06E1935B304558C3D597E
                                                                                                                                                                                                                                                                                    SHA-256:0C8332F2C81038A69282A049FD59EC76F2370F329F9AEFF9A54AE1B0AB83AFB1
                                                                                                                                                                                                                                                                                    SHA-512:D43A39699ED5F0E55A4491B726B44CF6238C9FB69C919F5DBFFBF6627221C524737115AC4FF604A1B6208AF7CAD52192CE896A6C57EEBE3A9BB721F9EC57ADBD
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):550618
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.609493488679069
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:6144:cHODNEWFOVqzdRdiZmqDhz0yqxv8CcHuki4wge75HX/2+1i1nEedGAMYw/KOe67:4OyqFCmG4zkiN5HX//
                                                                                                                                                                                                                                                                                    MD5:CE85F55613C69479E13D011F0B81E3F1
                                                                                                                                                                                                                                                                                    SHA1:07C31DF75DEECEC1BC09FFCD473B885EF0467B42
                                                                                                                                                                                                                                                                                    SHA-256:EEA13AECCB9DC35CF6E5135BCAB2F376D584CDEFC4B2970ED1126F8C2043AFCC
                                                                                                                                                                                                                                                                                    SHA-512:3A6C6015003A09295AB4CA7BBBC421F281E3A8719C56EF9D0BB4448413656778DA7C70D7F67FCBED7051E562027CBD7BCEA84596E48AADA64193AF448002120C
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:CSV text
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1051021
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.4211132061857965
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:SDb4GbP8IrxcFMOCGHo2QZIZ40P7usnnR6yTgkXb2X:dTgkXO
                                                                                                                                                                                                                                                                                    MD5:82D7AB0FF6C34DB264FD6778818F42B1
                                                                                                                                                                                                                                                                                    SHA1:EB508BD01721BA67F7DAAD55BA8E7ACDB0A096EB
                                                                                                                                                                                                                                                                                    SHA-256:E84331E84CD61D8BDACC574D5186FB259C00467513AA3F2090406330F68A45DB
                                                                                                                                                                                                                                                                                    SHA-512:176458B03CC2B2D3711965CD277531E002AE55D284B6C9178D2353E268F882430235468E5A1E9E45C8427864D109CF30A024A993B4763A75FA2744F6E0A6AE2A
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:IDS_ACCESS_CODE_CAST_ACCESS_CODE_MESSAGE,1400,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_BACK,1401,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CAST,1402,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CONNECT,1403,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_DIALOG_TITLE,1404,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ENTER_CHARACTER,1405,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_ACCESS_CODE,1406,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_DIFFERENT_NETWORK,1407,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_NETWORK,1408,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_PERMISSION,1409,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_TOO_MANY_REQUESTS,1410,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_E
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):938457
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.888192308730272
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:iqzRMYWYPnfzKj0meRi8ICN5ZB3IjMAlLEXdcuKLNiXEqqbQuKz+4uL2uoj:/uSz58E3
                                                                                                                                                                                                                                                                                    MD5:E72DBF8C00F7C211D1A220DB30EC7A7E
                                                                                                                                                                                                                                                                                    SHA1:8F891C83E0FBAA78A8267CF5B54462BD64DE9C6F
                                                                                                                                                                                                                                                                                    SHA-256:B1892427972D0454F8B85AF85DCC074393FFBCB2381EA91EFB2E85EB03FF2A04
                                                                                                                                                                                                                                                                                    SHA-512:D1F3E5DBC50B14FEADFC30999C89DB1A0431E4758EE82CF18DA81F991CDF76C3298FD98D3CB3E2AB902A11C8A7E11C6D7645E1ED91ED5F3280A4420C1FB793D0
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):817673
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.177156515939135
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:C7a3H/NvV+8PomRMD2nyBO3QU5ANJhEFZWPOEojYzQYrNwadcJKwU8ueco/9Njjk:Vvvt5LWp
                                                                                                                                                                                                                                                                                    MD5:3129155651C81F86E5E2794B0CD15EC7
                                                                                                                                                                                                                                                                                    SHA1:FB3D6C2156E1230C099B02171F3E9100FBE542A8
                                                                                                                                                                                                                                                                                    SHA-256:67B353376ECC45F0271CB2526B96AEB681F717968C35397F7E53AA43D3D31D08
                                                                                                                                                                                                                                                                                    SHA-512:31831DEAD97B53E600317091DC08807D1D040A1FC27753CCEB4104A865583C79E1EC68FE6AB644819EF49F262981ADB6EF38D67CB53CB3FDDD43271780FEFCEB
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):651358
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.790776889845594
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:BhaQjDW+cuwJ/roEKaaFoGnXy0bxcPdH9+vUx5WY8hZq94KibJziMHo6wtk1e:B0d+cuwJ/7a3ni0be35N8vq1ibliMI6U
                                                                                                                                                                                                                                                                                    MD5:5910DEDFBC84629690DD59478E80B51A
                                                                                                                                                                                                                                                                                    SHA1:AF6E9281C779E40ACF1A8A1EABB1AA926AB85F85
                                                                                                                                                                                                                                                                                    SHA-256:0832B96542456367261A215719ACDCC394A027C04A4F0C313F9401D6B222F756
                                                                                                                                                                                                                                                                                    SHA-512:1BD32EFA3D034442D85D2478EFA8180E11126E80F03097B813CCFD4521039E186342CC9EFAA47809DB9852ADA3541B76E668D43C7A427D2410DAB6C0A1BA1B2C
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:CSV text
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1051021
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.4211132061857965
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:SDb4GbP8IrxcFMOCGHo2QZIZ40P7usnnR6yTgkXb2X:dTgkXO
                                                                                                                                                                                                                                                                                    MD5:82D7AB0FF6C34DB264FD6778818F42B1
                                                                                                                                                                                                                                                                                    SHA1:EB508BD01721BA67F7DAAD55BA8E7ACDB0A096EB
                                                                                                                                                                                                                                                                                    SHA-256:E84331E84CD61D8BDACC574D5186FB259C00467513AA3F2090406330F68A45DB
                                                                                                                                                                                                                                                                                    SHA-512:176458B03CC2B2D3711965CD277531E002AE55D284B6C9178D2353E268F882430235468E5A1E9E45C8427864D109CF30A024A993B4763A75FA2744F6E0A6AE2A
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:IDS_ACCESS_CODE_CAST_ACCESS_CODE_MESSAGE,1400,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_BACK,1401,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CAST,1402,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CONNECT,1403,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_DIALOG_TITLE,1404,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ENTER_CHARACTER,1405,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_ACCESS_CODE,1406,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_DIFFERENT_NETWORK,1407,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_NETWORK,1408,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_PERMISSION,1409,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_TOO_MANY_REQUESTS,1410,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_E
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):472125
                                                                                                                                                                                                                                                                                    Entropy (8bit):6.686635546459109
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:6144:y3OYfu048lFDezkK7/56jOIydpD65imqjNnEwYHB074lK:y3hfu0HjyzX56jOIyz65rcNnEwmBK
                                                                                                                                                                                                                                                                                    MD5:79D8DDFE89B3B2B37BBBF85AFD6E6D67
                                                                                                                                                                                                                                                                                    SHA1:0D0316D3D1DA0D13D2C568F0FAB9116996998C7C
                                                                                                                                                                                                                                                                                    SHA-256:ABBF9199B7751AD09750361E2EE861876EE44D65020B7D1255C45DFF911BCF89
                                                                                                                                                                                                                                                                                    SHA-512:5F6B736B835DF71BA67906710BF86CDEB37542642CC03FFE6CC73557C2BE35CE99C5838739B160D26545D7A55E4263DEE7E55E942307F7D8657E3E8FAFDE5114
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:CSV text
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1051021
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.4211132061857965
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:SDb4GbP8IrxcFMOCGHo2QZIZ40P7usnnR6yTgkXb2X:dTgkXO
                                                                                                                                                                                                                                                                                    MD5:82D7AB0FF6C34DB264FD6778818F42B1
                                                                                                                                                                                                                                                                                    SHA1:EB508BD01721BA67F7DAAD55BA8E7ACDB0A096EB
                                                                                                                                                                                                                                                                                    SHA-256:E84331E84CD61D8BDACC574D5186FB259C00467513AA3F2090406330F68A45DB
                                                                                                                                                                                                                                                                                    SHA-512:176458B03CC2B2D3711965CD277531E002AE55D284B6C9178D2353E268F882430235468E5A1E9E45C8427864D109CF30A024A993B4763A75FA2744F6E0A6AE2A
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:IDS_ACCESS_CODE_CAST_ACCESS_CODE_MESSAGE,1400,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_BACK,1401,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CAST,1402,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CONNECT,1403,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_DIALOG_TITLE,1404,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ENTER_CHARACTER,1405,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_ACCESS_CODE,1406,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_DIFFERENT_NETWORK,1407,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_NETWORK,1408,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_PERMISSION,1409,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_TOO_MANY_REQUESTS,1410,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_E
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):469061
                                                                                                                                                                                                                                                                                    Entropy (8bit):6.698957808032297
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:6144:bSSfomw9A7NuQRFcjArmJflGj2DuUasg5b57jkzrMOZQyZV7zeHk2Tt:bSSf5wG7NuFjA0xasg5b57jkzbr/7m1
                                                                                                                                                                                                                                                                                    MD5:687995F645CB9169DBFC3431E8FCFE3B
                                                                                                                                                                                                                                                                                    SHA1:D6931394363D7C479791B32C8AD268786FFCE8AF
                                                                                                                                                                                                                                                                                    SHA-256:35A0323EB90FA53859961F832BCB66C391F53E6449722F6FDC136D92484C47C9
                                                                                                                                                                                                                                                                                    SHA-512:FAAAD1CE95650FA67AA7E86F2453DEDC70C6E206BB15DBA4E824BB0D540D884A09A75A48A9E36FEEB83B75232258B7431B1F3DF53A824FA322B3C4E87BEABA14
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:CSV text
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1051021
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.4211132061857965
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:SDb4GbP8IrxcFMOCGHo2QZIZ40P7usnnR6yTgkXb2X:dTgkXO
                                                                                                                                                                                                                                                                                    MD5:82D7AB0FF6C34DB264FD6778818F42B1
                                                                                                                                                                                                                                                                                    SHA1:EB508BD01721BA67F7DAAD55BA8E7ACDB0A096EB
                                                                                                                                                                                                                                                                                    SHA-256:E84331E84CD61D8BDACC574D5186FB259C00467513AA3F2090406330F68A45DB
                                                                                                                                                                                                                                                                                    SHA-512:176458B03CC2B2D3711965CD277531E002AE55D284B6C9178D2353E268F882430235468E5A1E9E45C8427864D109CF30A024A993B4763A75FA2744F6E0A6AE2A
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:IDS_ACCESS_CODE_CAST_ACCESS_CODE_MESSAGE,1400,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_BACK,1401,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CAST,1402,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_CONNECT,1403,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_DIALOG_TITLE,1404,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ENTER_CHARACTER,1405,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_ACCESS_CODE,1406,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_DIFFERENT_NETWORK,1407,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_NETWORK,1408,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_PERMISSION,1409,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_ERROR_TOO_MANY_REQUESTS,1410,../../chrome/app\access_code_cast_strings.grdp..IDS_ACCESS_CODE_CAST_E
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):18401792
                                                                                                                                                                                                                                                                                    Entropy (8bit):6.484724602010289
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:196608:UFhL+fUAW3m8p73KQ/ZxCSIK7Z5JG1xC/e:UFp+fUAW3m8pDKQ/ZxChK7Z5cjC
                                                                                                                                                                                                                                                                                    MD5:6A067CB26AF2C240C240BC81C4A4F311
                                                                                                                                                                                                                                                                                    SHA1:CFB1A89616DC14830EB073F4CD84AC4EB14B4534
                                                                                                                                                                                                                                                                                    SHA-256:C1E6EF50932D0CD9EDF8FF4C663CFCCA358F2E2D5349B3B7904E4D4D8F6D8882
                                                                                                                                                                                                                                                                                    SHA-512:25520B39C834BAAC056958C22EBA1B2317B0D7967F351C66BA6177FB9FFC3FD4B6C0E8489CFBD8B2E477854F75163856F23775BAE6B8A0721048FD961E276BAD
                                                                                                                                                                                                                                                                                    Malicious:true
                                                                                                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                    Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d...Bx.e.........." ................L.........................................B...........`..............................................#...2..,.... A.......;..n...........0A.\t..|...........................(.......8............P...............................text............................... ..`.rdata....... ......................@..@.data...@9*..@......................@....pdata...n....;..p..................@..@.gxfg.........?......V..............@..@.retplne......@......F...................tls....a.....@......H..............@....voltbl.......A......J.................._RDATA........A......L..............@..@.rsrc........ A......N..............@..@.reloc..\t...0A..v...T..............@..B................................................................................................................................................................................
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:PE32+ executable (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1162240
                                                                                                                                                                                                                                                                                    Entropy (8bit):6.551791881008996
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:ouraOSnSamNJMd26Fpz2vWISMtjK+N4cpfATBp5j2Iv8oia7gPhI+nkMoe8r8WJW:ouWJSap2spQ9tXATBT6IQa7S18oW4
                                                                                                                                                                                                                                                                                    MD5:EDF83410995BEA188731EF377334ED7B
                                                                                                                                                                                                                                                                                    SHA1:B12C8925409701725749A9EBCC9D6CBFDB0122DD
                                                                                                                                                                                                                                                                                    SHA-256:B464548564A8B97682560630127AA447D25FE692F887A4822A36B2EF8F250E97
                                                                                                                                                                                                                                                                                    SHA-512:A14B61223B0D2E1A7389934559EEC5279A1C2B0C713B0FDAA08F4F979A3B37D8BADED355B42AEF5FEA13A254AF177F5EB152C6C009985F3294C5097035907EE2
                                                                                                                                                                                                                                                                                    Malicious:true
                                                                                                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                    Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d...P0Wd.........."............................@..........................................`.............................................\...t........p.......P..................................................(...0...8...........0................................text...F........................... ..`.rdata..............................@..@.data...........@..................@....pdata.......P......................@..@.gxfg....,...........`..............@..@.retplne.................................tls......... ......................@....voltbl.F....0..........................CPADinfo8....@......................@..._RDATA.......P......................@..@malloc_h0....`...................... ..`.rsrc........p......................@..@.reloc..............................@..B................................................................................................
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):196713984
                                                                                                                                                                                                                                                                                    Entropy (8bit):6.709853681888895
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:1572864:T671igPCQDu9VieLAbOP1nmnq/lbL7IKJciUtkMHs5sx1qqV88:eJiDS610scieJq1
                                                                                                                                                                                                                                                                                    MD5:0B9A2D445F28B403D525380817A2636E
                                                                                                                                                                                                                                                                                    SHA1:E4BECC1533A42871BA87A06D039D3477ABE4F79A
                                                                                                                                                                                                                                                                                    SHA-256:264773127DEA00204A3A52BAE4A4510D610292FDD759B7EAF40BD1B59AD88C6B
                                                                                                                                                                                                                                                                                    SHA-512:45BF3DC8C1B118AE26B6A4436591D1B15B339BC6BD8E69E112F0F6ADDB834B0CFD8958AC63BFC712C4A7D9C365FC6944AB80F0D61765170ADF67B5535DEE12E1
                                                                                                                                                                                                                                                                                    Malicious:true
                                                                                                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                    Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d...P0Wd.........." .........`...... S....................................................`A........................................G.-..!..../.|.......p.....R..B^..............T...i .8................... b .(...@..8............./......U-.`....................text..."........................... ..`.rdata..X.... ......................@..@.data... .... 4.......4.............@....pdata...B^...R..D^...>.............@..@.gxfg...0C.......D...@..............@..@.retplne.....`...........................rodata......p...................... ..`.tls....A...........................@....voltbl.v...............................CPADinfo8...........................@...LZMADEC............................. ..`_RDATA.............................@..@malloc_h0.......................... ..`.rsrc...p...........................@..@.reloc...T.......V...H..............@..B................
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):685745
                                                                                                                                                                                                                                                                                    Entropy (8bit):7.962986984739525
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:CI3H1fJqjzgsz5B0GDJQrnKs8SNP+QSsSilRBiNz401+gIXm4pboO0TehEr2:F3VBq7zEEmPLSOiNz40AgUjpboO0TO5
                                                                                                                                                                                                                                                                                    MD5:9B46F4C8DFC0A55BFAFAC55F17D7659B
                                                                                                                                                                                                                                                                                    SHA1:D25F27DF176AADB67BC56A42262BCCAFD14AF4F4
                                                                                                                                                                                                                                                                                    SHA-256:B637AE345B830649B4027F39F6EE48F92484A2ACB65DE498E4FDD84EC1010336
                                                                                                                                                                                                                                                                                    SHA-512:DE5F500AFE381A16E3FF7DDCB5C8AA538362E55222F7915276BB4C9261E41CBC2403CA1663A7DBF0706D8D51ABC420E26804F67CFD646D7986130A20A659F345
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1079219
                                                                                                                                                                                                                                                                                    Entropy (8bit):7.95049008504143
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:24576:H3zBr5zLmmibkFR8+mZR9hQumegvQtSP0AUwvdbbag6edhOLoe4:H3t53mNbkFRJmH9hQRhQsP0AJvdbjrOS
                                                                                                                                                                                                                                                                                    MD5:F666B710DA2BED9AC0252C1FA1D00C4A
                                                                                                                                                                                                                                                                                    SHA1:0D8288FDE82C2F3B7BD006FCF4CB92246AEFAF6D
                                                                                                                                                                                                                                                                                    SHA-256:F1AB589CFD40FB17A7C390B45FFAD8FCF90C133FFF1D14CA5BFC7053A21DC241
                                                                                                                                                                                                                                                                                    SHA-512:982BB5EA2C14170D47E150DC8692EBE316EC5D6B584377020C1F58AE0632748CB631182A6BFAD2F909EF6B818B012527367A36D8681B5B56DC735B8CCAF7B52F
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:PE32+ executable (DLL) (GUI) x86-64, for MS Windows
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1134592
                                                                                                                                                                                                                                                                                    Entropy (8bit):6.555043286804751
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:24576:QwQlMOLVebHVYzFbfcWjX9GIwR5Cuh2ZHnTcUy:8lMOLsLVY5fLZx85Fhonor
                                                                                                                                                                                                                                                                                    MD5:364F839CA8DE4D942270D9097D48EF15
                                                                                                                                                                                                                                                                                    SHA1:82C8040DC2A733EB3EA3E051513C84F992BB17F1
                                                                                                                                                                                                                                                                                    SHA-256:A4E521C12FE47816F2D9E2DFED9FD074E370EC587D0A0F3A03B5AEBB76C06560
                                                                                                                                                                                                                                                                                    SHA-512:BAF1ED5E558DC0AE037FE0DFF036792CFBD338915C8AF99D10F0202B92CA820298657A86A0F3E8C1387326FDA34DE3EE08649C34AF2417159A24AED9CED02DF3
                                                                                                                                                                                                                                                                                    Malicious:true
                                                                                                                                                                                                                                                                                    Antivirus:
                                                                                                                                                                                                                                                                                    • Antivirus: ReversingLabs, Detection: 0%
                                                                                                                                                                                                                                                                                    Preview:MZx.....................@...................................x...........!..L.!This program cannot be run in DOS mode.$..PE..d...P0Wd.........." .....V...........).......................................@............`A....................................................<.......8.................... ..<....~..8....................}..(...@...8............................................text...-T.......V.................. ..`.rdata.......p.......Z..............@..@.data...T....@...B...*..............@....pdata...............l..............@..@.crthunk.....p......................@..@.gxfg... ,..........................@..@.retplne.............$...................tls.................&..............@....voltbl.B............(..................CPADinfo8............*..............@..._RDATA...............,..............@..@malloc_h0........................... ..`.rsrc...8............0..............@..@.reloc..<.... .......8..............@..B........................................................
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
File Type:data
Category:dropped
Size (bytes):4656369
Entropy (8bit):7.995866504972196
Encrypted:true
SSDEEP:98304:uD6MLlkY6HHy1C85FPmvT+bixvbScP33rjMfCskQzJ/XJ:uDRmVny1k6mVS238fC0BZ
MD5:0F1D45867B591D67B0301EE8C4AD5F7B
SHA1:F5FB6378C13912DF079EFEE44476FC1B4666EF24
SHA-256:A2434429FEA5B3344426E388F9A2191E10449103E933EF7F0CDBF4638F22380D
SHA-512:1DB79C82E67547A76D3D479168EE12899E7E03D8C065239976E0A490804182290B76829E483E8F18F7FEAFE7E819D2784C507D7ABCDAB917B62D78696059EE80
Malicious:false
Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
File Type:data
Category:dropped
Size (bytes):686733
Entropy (8bit):5.111423885670035
Encrypted:false
SSDEEP:6144:pcypnQ0h29oCMElgheSP48wv9j9N8Yr0Z3If8g6AkgK+JPVrqtyJC:jpQ0aGeywd8y0y8g5kgKUstD
MD5:E68978443DDAFD40434C87818C90D338
SHA1:C38FC19A469E6C9AF4699ABFE00C5FFE39501726
SHA-256:7AC9FB58F00E735E266730FEFC25D1B3C4B58EC789D5540F0424E746712CD9DC
SHA-512:D9A7998A70E63ED8375052329033E83EEBDB6F856FFDE3C1077A450F985E379D04778EB30AD29CDAAABD33F4ED4437F8C18C73153B58375A8CD8AB26D8A64D54
Malicious:false
Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
Category:dropped
Size (bytes):4483072
Entropy (8bit):6.30617269058202
Encrypted:false
SSDEEP:49152:xZ5FJsKpHj0diHyTFJtDc1QmmxnuUBJ4oiYKGu+GE2pcSF0Ae7yTamCvWpAFql1u:xZnJikcNZshrvLZom
MD5:DB64B157590C89B63D7E7FCF97FD7A01
SHA1:64C320EA6A444561E6DEA1E6713DBACDA24B634C
SHA-256:53E35896FEF631BA844818E4D91013DA2C1E2324EDD0AFF93EC4F2747793B8A7
SHA-512:5429E4CAEEF300EF388E86595E5853C0C5B62EF8D3E0BF84469A994C8A5CD65D8EFF3A038BEF8992AE065A3A61EB765CA19810B6AEAD52F564BCC8D21EB717EF
Malicious:true
Antivirus:
• Antivirus: ReversingLabs, Detection: 0%
Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
File Type:JSON data
Category:dropped
Size (bytes):106
Entropy (8bit):4.724752649036734
Encrypted:false
SSDEEP:3:YD96WyV18tzsmyXLVi1rTVWSCwW2TJHzeZ18rY:Y8WyV18tAZLVmCwXFiZ18rY
MD5:8642DD3A87E2DE6E991FAE08458E302B
SHA1:9C06735C31CEC00600FD763A92F8112D085BD12A
SHA-256:32D83FF113FEF532A9F97E0D2831F8656628AB1C99E9060F0332B1532839AFD9
SHA-512:F5D37D1B45B006161E4CEFEEBBA1E33AF879A3A51D16EE3FF8C3968C0C36BBAFAE379BF9124C13310B77774C9CBB4FA53114E83F5B48B5314132736E5BB4496F
Malicious:false
Preview:{"file_format_version": "1.0.0", "ICD": {"library_path": ".\\vk_swiftshader.dll", "api_version": "1.0.5"}}
Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
File Type:PE32+ executable (DLL) (console) x86-64, for MS Windows
Category:dropped
Size (bytes):918016
Entropy (8bit):6.582669085817742
Encrypted:false
SSDEEP:24576:7Z7BE4to/6WCfiHqy6Z5WiDYsH56g3P0zAk7En3Lh:7NBETyWCfNy6Z5WiDYsH56g3P0zAk7EV
MD5:C59EE747C59CD7B450DB71FD836E7153
SHA1:8C43131CAF144B0D359662EF0990E992A3EC7C40
SHA-256:334907D2DF7C78DD099A92D13565903DCAE189B977A9774213C769D5C61E4D4E
SHA-512:74127AFA5FF13FDCBBF8733CDD300084C5A44A5EE8B99C651E6E6BEB103318610230F70C0100F746C54DAC5409C8334FB28F9AF6D0DC6B438ADD72402C25ED61
Malicious:true
Antivirus:
• Antivirus: ReversingLabs, Detection: 0%
Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
File Type:MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel
Category:dropped
Size (bytes):16958
Entropy (8bit):1.8361199320851
Encrypted:false
SSDEEP:24:JBna8NJl1Pt7zU73afztxDXLnAvMafBaQaJ0a9IR33+7LhkJuKama4iyA/K:J88fSWtBYjapIhsCuH9yAK
MD5:815665F58B066A42DE47F55ED686D184
SHA1:49AB7ECDB18F74D1CB573CDDD7194AB4DC8C530F
SHA-256:24D463E36F7DA285315A483437E586E08A335086281078950302F13FE9505310
SHA-512:62637598067B7EB2A4FA17EA38F35C1AD3CCEC5AE6AA97CC9771392F8CBAB679FA343D12C4E2D8C932194F677119B73BF86E6E2375454B36C3FC75782AF01103
Malicious:false
Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
File Type:JSON data
Category:dropped
Size (bytes):1303
Entropy (8bit):4.927996306534048
Encrypted:false
SSDEEP:24:RL/HwArsWjyZgnK6nw87+p+7LU1LUcLU0wLU0bXcdF8kke3ke/kXvxnEi/HAB:F/BrZjMbY7ALLwLbXW88fcXvz/AB
MD5:4B55D62B16ADCF19F8E466F9988DBEC7
SHA1:9563339C8D80DAEB5C7B38A21E2EE4A88EEC6760
SHA-256:19D56A07CD45027047FEDF6E80911711AA85035F3BED3819471709F40CF2A9D4
SHA-512:BC3D3250EF596664675CA264E85B88B2D8F89355A272DD539B485D01260C7BF038C16D92AF99EA8CA7B352A82C18D9CB749E8394F2272637999E2494AF76F457
Malicious:false
Preview:{. "files": {. "main.css": "/static/css/main.c1bf4e0a.chunk.css",. "main.js": "/static/js/main.717b6389.chunk.js",. "main.js.map": "/static/js/main.717b6389.chunk.js.map",. "runtime-main.js": "/static/js/runtime-main.cdd4f9cc.js",. "runtime-main.js.map": "/static/js/runtime-main.cdd4f9cc.js.map",. "static/js/2.801b9d83.chunk.js": "/static/js/2.801b9d83.chunk.js",. "static/js/2.801b9d83.chunk.js.map": "/static/js/2.801b9d83.chunk.js.map",. "static/js/3.cf9f4ce6.chunk.js": "/static/js/3.cf9f4ce6.chunk.js",. "static/js/3.cf9f4ce6.chunk.js.map": "/static/js/3.cf9f4ce6.chunk.js.map",. "index.html": "/index.html",. "static/css/main.c1bf4e0a.chunk.css.map": "/static/css/main.c1bf4e0a.chunk.css.map",. "static/js/2.801b9d83.chunk.js.LICENSE.txt": "/static/js/2.801b9d83.chunk.js.LICENSE.txt",. "static/media/SettingsWelcome.scss": "/static/media/copy_icon.570b8027.svg",. "static/media/index.scss": "/static/media/icon_weather_white.c0043930.svg",. "sta
Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):278
                                                                                                                                                                                                                                                                                    Entropy (8bit):6.614793808897997
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:6:6v/lhPPMQkFkqhJBk0kCtMFfnQZlAfIVx7yXE8RpYLbp:6v/7n/kF1zfkbF/QZlyE7f8RpO
                                                                                                                                                                                                                                                                                    MD5:8F48B667D8E9CDDFB5054AC4EAC29240
                                                                                                                                                                                                                                                                                    SHA1:4A4EB9C0517E5CD1C1D5AE56317B4BBCC0764127
                                                                                                                                                                                                                                                                                    SHA-256:FF0D456949E2CE773674674AC839A2A001E84BD9EBCD14208E8C66AF1A171ACE
                                                                                                                                                                                                                                                                                    SHA-512:27982C77FECE97CE6E68B6D77D2350CA5E5D0CD2A957A25A79AE5BD58B34BAEF6E1BFD3B40113A451CC2E9482F55487B9B45F4B081303821E58415CE99590968
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):506
                                                                                                                                                                                                                                                                                    Entropy (8bit):7.41701077919571
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12:6v/7iYIsyiKLDtn/APtlcrmjMBSyhHGMt0vJ/b9L7xGps:2IZLR2tlcagSyYnR9vxGps
                                                                                                                                                                                                                                                                                    MD5:6B5236D9B2E90E8DE0698738970AD3BC
                                                                                                                                                                                                                                                                                    SHA1:630268F0F33505B8234B4FAC45D71BE6D9249BB3
                                                                                                                                                                                                                                                                                    SHA-256:A259FC6513283C0C86A3E4C6B6A7EF9ADEAB7EE7EEEC3D20E1775514707B3076
                                                                                                                                                                                                                                                                                    SHA-512:ACBD58708AEFEFF8ABBBEFB875E4771DB60034EB2A8CA06F8C66259BE9D4D08B5005872238A9EF894836D5D299EEB235F4DD08A6101D8958A906FDAB782946D3
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):4286
                                                                                                                                                                                                                                                                                    Entropy (8bit):1.9733781811385676
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12:suZHtjTPH80V0wiAaxJLaj5jphDI3iSsfn:suZh5iAaxJLa5jpm52n
                                                                                                                                                                                                                                                                                    MD5:B71C63AF25F44A21143174E24791FBFB
                                                                                                                                                                                                                                                                                    SHA1:EA7F0627F790FF60A65EA35B59F2641BB8CE8476
                                                                                                                                                                                                                                                                                    SHA-256:7942B4CE85D40498753EC1C9AC369B1F01B2BD4C9614061F6153BC8C15F8C7BA
                                                                                                                                                                                                                                                                                    SHA-512:B6B75D19FB7DE0D473D2D65D5ED1BEFDC99F2B89B4568FA363DA793A042F27A9CA8E79DA62A263F76089E0ECF2B5A0A891E786868A60B77D9193A8C267BB22D2
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:HTML document, ASCII text, with very long lines (3269), with no line terminators
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):3269
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.267907599850738
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:96:zPY1r9uQtC7RCgkn/GWu7HzeX94X60443o:UtqRCxu7HX604D
                                                                                                                                                                                                                                                                                    MD5:B7C9F30D797A5B794AA4EDA8CAE5F69A
                                                                                                                                                                                                                                                                                    SHA1:42F270CF26D97C2DBC2E0A7979CF57FEF333B1A4
                                                                                                                                                                                                                                                                                    SHA-256:B8B97D7D84A7ED35B5FD7411C572D4B38FF40969E94676010BBB456E76518F60
                                                                                                                                                                                                                                                                                    SHA-512:D02AE1312B21BAAFD715E8E33FEB3336250F81E27636A914C14FB03F9249317444D53509A5FB26B814F23DC2D684CD27CA490CE06FCDF58322E23FB34854C01C
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:<!doctype html><html lang="en"><head><meta charset="utf-8"/><link rel="icon" href="/favicon.ico"/><meta name="viewport" content="width=device-width,initial-scale=1"/><meta name="theme-color" content="#000000"/><link rel="apple-touch-icon" href="/logo192.png"/><link rel="manifest" href="/manifest.json"/><link rel="preconnect" href="https://fonts.googleapis.com"/><link rel="preconnect" href="https://fonts.gstatic.com" crossorigin/><link href="https://fonts.googleapis.com/css2?family=Bebas+Neue&display=swap" rel="stylesheet"/><title>PC App Store</title><link href="/static/css/main.c1bf4e0a.chunk.css" rel="stylesheet"></head><body><noscript>You need to enable JavaScript to run this app.</noscript><div id="root"></div><div id="portal-root"></div><script src="https://pcapp.store/src/main_code_nw.js"></script><script>!function(e){function r(r){for(var n,a,i=r[0],c=r[1],l=r[2],f=0,s=[];f<i.length;f++)a=i[f],Object.prototype.hasOwnProperty.call(o,a)&&o[a]&&s.push(o[a][0]),o[a]=0;for(n in c)Obje
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):499
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.571997514321595
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:6:3HKvfHmH2eHmHbpl5XuXLjQLMzomezgCHZXXuXLjQaFqJWFGez4/ZXXuXLjQ4VzP:6OO35oL0JXoLuRXoLiWjvV/2wDTMA
                                                                                                                                                                                                                                                                                    MD5:B6D88DB0D0FF77D182C5BFA47A6649D4
                                                                                                                                                                                                                                                                                    SHA1:4502E844EE48233B345B3AD057FCD1101EC8F3F4
                                                                                                                                                                                                                                                                                    SHA-256:8721FD01677570E770F1142AB468CD6F2E65DDE19DC03F64D54A57DF1EDEFE06
                                                                                                                                                                                                                                                                                    SHA-512:75986B7B0D83A9548838A8169B6F2FFAF682B454CDC6C1CAF0000866FD4A41180C764F5F73762916C37E27D6A8961E3BB7535EB8862FD9FCA74B7DCA2C2CCFBE
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:{.. "short_name": "PCAppStore",.. "name": "PCAppStore",.. "icons": [.. {.. "src": "favicon.ico",.. "sizes": "24x24 64x64",.. "type": "image/x-icon".. },.. {.. "src": "favicon-16x16.png",.. "type": "image/png",.. "sizes": "16x16".. },.. {.. "src": "favicon-32x32.png",.. "type": "image/png",.. "sizes": "32x32".. }.. ],.. "start_url": ".",.. "display": "standalone",.. "theme_color": "#000000",.. "background_color": "#ffffff"..}
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):2511
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.786444073109678
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:48:KZ7OPI4lJJypc9ZE3RuOk2XGh05bJrCP+o7RKw3/cHRzDCWEXutY1CC:gqP+cjEFraPcHRs1CC
                                                                                                                                                                                                                                                                                    MD5:BA0268049BD46633F0423F58B70A6766
                                                                                                                                                                                                                                                                                    SHA1:B5ACE19636832D4C9F4234A041A2399D10B1688C
                                                                                                                                                                                                                                                                                    SHA-256:DC5928240FA75562C9DE99E07584BB878B5F1697F6FA7876DDDBC53409CD22CE
                                                                                                                                                                                                                                                                                    SHA-512:E6E8E0D889C54FF57141E4C7515D9FFC8B1F9951AB65754D805150A67E1BD43D3894277792416EA76D36525EF2301AF088A47E552B1A954E9B3AFC9274407EC7
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:{.. "name": "pc_app_store",.. "version": "0.1.0",.. "private": true,.. "homepage": "/",.. "dependencies": {.. "@testing-library/jest-dom": "^5.14.1",.. "@testing-library/react": "^11.2.7",.. "@testing-library/user-event": "^12.8.3",.. "bezier-easing": "^2.1.0",.. "html-react-parser": "^1.2.7",.. "node-sass": "^6.0.1",.. "nw-react-scripts": "4.0.4",.. "prop-types": "^15.7.2",.. "react": "^17.0.2",.. "react-beautiful-dnd": "^13.1.0",.. "react-dom": "^17.0.2",.. "react-redux": "^7.2.4",.. "react-router": "^5.2.0",.. "react-router-dom": "^5.2.0",.. "redux": "^4.1.0",.. "redux-devtools-extension": "^2.13.9",.. "swiper": "^8.1.4",.. "web-vitals": "^1.1.2".. },.. "scripts": {.. "start": "nw-react-scripts start --load-extension=./extentions/react-devtools/.,./extentions/redux-devtools/.",.. "build": "nw-react-scripts build",.. "build-bin": "node build_bin_src.js",.. "test": "nw-react-scripts test",.. "eject": "nw-react
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):70
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.431168424936135
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:3:SHWfrSLaHKatMCLHKw7tD0yjHK7HKsyn:SHWfGLaICLtKwK7HKh
                                                                                                                                                                                                                                                                                    MD5:61C27D2CD39A713F7829422C3D9EDCC7
                                                                                                                                                                                                                                                                                    SHA1:6AF64D9AC347B7B0B3CFE234A79073CF05A38982
                                                                                                                                                                                                                                                                                    SHA-256:E5AB0D231EEB01B4A982D1C79A6729CAC9797AD15A69247E4F28BA6AFC149B4C
                                                                                                                                                                                                                                                                                    SHA-512:29CD3E46BB05A804075AF73FC615A06DA7D1FBA5654538C157A405D0F41EBEFD844B3904E8A0F13434B21E3C36481C34CFA6F17F5B549CE27928A0D6405E39DC
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:# https://www.robotstxt.org/robotstxt.html..User-agent: *..Disallow:..
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:ASCII text, with very long lines (40486)
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):40538
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.038776756689567
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:768:S7z1Ga9nXaidoCEvEwEJE+E3EGEhEoE4EJQwX0QwX8bnyV:S7z1Ga9nqVHcxK70TSZJjnyV
                                                                                                                                                                                                                                                                                    MD5:BA8B67B72756499BC9D31F02415F8F95
                                                                                                                                                                                                                                                                                    SHA1:5DB9B0B789AFC7B9E2DDDE7BBF25A598D2651690
                                                                                                                                                                                                                                                                                    SHA-256:EE09B0CBE65537C047DEB471B09245846CA63E3B2E8E5D28D08193D59AE7D622
                                                                                                                                                                                                                                                                                    SHA-512:BF1A868656927498DF639FF0E3CF4F319C4E943B15F0A5206F22B14C33DA6C54078DFB586081F4B39FB29FA65E5C30C0AB1048F7E74964931D893117AEDD1AB7
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:.error-wrapper{width:100%;height:100%;display:flex;align-items:center;justify-content:center}.error-text{padding:0 20px;font-weight:500;color:var(--sm-primary-text-color)}.in-background{width:100%;height:100%}.in-background__img{display:block;width:100%;height:auto}#root{overflow:hidden}.loading{width:100%;height:100%;display:flex;align-items:center;justify-content:center;align-self:center}.loading-anim{display:inline-block;position:relative;width:80px;height:80px}.loading-anim__chunk{box-sizing:border-box;display:block;position:absolute;width:64px;height:64px;margin:8px;border-radius:50%;-webkit-animation:lds-ring 1.2s cubic-bezier(.5,0,.5,1) infinite;animation:lds-ring 1.2s cubic-bezier(.5,0,.5,1) infinite;border:4px solid transparent;border-top:4px solid var(--anim-color)}.loading-anim__chunk:first-child{-webkit-animation-delay:-.45s;animation-delay:-.45s}.loading-anim__chunk:nth-child(2){-webkit-animation-delay:-.3s;animation-delay:-.3s}.loading-anim__chunk:nth-child(3){-webkit-ani
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):75429
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.131553566266101
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:768:Mq/jSvnoZDXmm2TDm7VGLi/LMq5HD0pN1Pml47K0Ynbej9DvBXhvEPn3IGxJDIzv:RSfoNtLMNIsD
                                                                                                                                                                                                                                                                                    MD5:DF0CB96BE26094690EC20638CFD19744
                                                                                                                                                                                                                                                                                    SHA1:730926C0825BE3FDE3157F5858E7BD2F0C3FB289
                                                                                                                                                                                                                                                                                    SHA-256:875CB85F5AD444F42D28B88AE54718F386ED5409B6C90F42CDF35615C2770415
                                                                                                                                                                                                                                                                                    SHA-512:58BA6FDBA602CD1F47AAFE23C65DBE9CA152677C357A5AB4143826DD0004AEAB9798EAE2DFA8315A9346832622E1C5DB7B52D74F9DC0B5F2276CDBFF08576A62
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:{"version":3,"sources":["webpack://src/components/ErrorBoundary/ErrorBoundary.scss","webpack://src/windows/Main/Main.scss","webpack://src/components/Loading/Loading.scss","webpack://src/components/InjectHTML/InjectHTML.scss","webpack://src/windows/StartMenu/StartMenu.scss","webpack://src/windows/Search/Search.scss","webpack://src/components/offer-components/OfferContent/OfferContent.scss","webpack://src/windows/Offer/Offer.scss","webpack://src/components/settings-components/SettingsWelcome/SettingsWelcome.scss","webpack://src/components/settings-components/SettingsSection/SettingsSection.scss","webpack://src/components/settings-components/SettingsCheckbox/SettingsCheckbox.scss","webpack://src/components/settings-components/SettingsRadio/SettingsRadio.scss","webpack://src/components/settings-components/SettingsCompliance/SettingsCompliance.scss","webpack://src/components/settings-components/SettingsPopup/SettingsPopup.scss","webpack://src/components/settings-components/SettingsNavigatio
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):673416
                                                                                                                                                                                                                                                                                    Entropy (8bit):6.007704985977014
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:KUKZOw4tiI8IySyzABHAmmKJn6f24zcQiv9WhwJgj:rcZSyzABHnln6ezWhpj
                                                                                                                                                                                                                                                                                    MD5:D9722A6FFF2490ED995531238B6E80B6
                                                                                                                                                                                                                                                                                    SHA1:B5E2FA6E6EA8EAB7181E5A859E977171F138761E
                                                                                                                                                                                                                                                                                    SHA-256:276590217876291AAD39E9692AF95BC472B34D93A6140AB69F00BCAF4083B80C
                                                                                                                                                                                                                                                                                    SHA-512:AE7DE7899663F419EC0C8A56F5862AEE738B010735F28FA2681EBBCE99ADD636DC58A36DC74B311615FED6298D14F514C33AE373E04FE8166AA9CF0CACCA0FD6
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):66
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.884858891889049
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:3:+BKSLDrbIoMLNLQJljRquKXvCLGIOgL/n:+Dn4oRPaCLvOgL/
                                                                                                                                                                                                                                                                                    MD5:ACAF465D1FBC096D21C487E89AD7C49F
                                                                                                                                                                                                                                                                                    SHA1:482DBE33E2BF02052800045CC293B0990742C234
                                                                                                                                                                                                                                                                                    SHA-256:FCD759D2C151212B5C1B806A584C3CAB0264BF3A27A84FA6D41A3D67EFC4AC5B
                                                                                                                                                                                                                                                                                    SHA-512:9BD7CD4109222774B02327FFED06E9F045587A0DF4070F013C4EE64647E829BC54329552DABF2C4000AB480BE5A27D0A2EE2F2522C8194239295F0E7641563AF
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:nw.Window.get().evalNWBin(null, "static/js/2.801b9d83.chunk.bin");
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:ASCII text
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1686
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.736390551286131
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:24:YXFwBA4uoqIfy+wBA4uoqIfyKwBA4uoqIfyEwBA4uoqIfyLqwBA4uoqIfyDwBA4l:TIAfyIAfaIAfOIAfiIAfnIAff
                                                                                                                                                                                                                                                                                    MD5:10A587045DF3F39CD774951756F33E54
                                                                                                                                                                                                                                                                                    SHA1:2AC3C8FEF92062A32E6837B2ACF36A3D58E98E15
                                                                                                                                                                                                                                                                                    SHA-256:761ACCA609686727835E6A840345E57331CD86CEC03BBD6FEEA3583F7D7E8DB4
                                                                                                                                                                                                                                                                                    SHA-512:903E145B7C05F596FF77784AA075934B890DDAD18829FAFF14F33A98DECDB7EF5C2CF9233A1FA4D6881C2BC6232A4984EDE3DCDD311E70925E940AA097931AC7
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:/*.object-assign.(c) Sindre Sorhus.@license MIT.*/../*! regenerator-runtime -- Copyright (c) 2014-present, Facebook, Inc. -- license (MIT): https://github.com/facebook/regenerator/blob/main/LICENSE */../** @license React v0.20.2. * scheduler.production.min.js. *. * Copyright (c) Facebook, Inc. and its affiliates.. *. * This source code is licensed under the MIT license found in the. * LICENSE file in the root directory of this source tree.. */../** @license React v16.13.1. * react-is.production.min.js. *. * Copyright (c) Facebook, Inc. and its affiliates.. *. * This source code is licensed under the MIT license found in the. * LICENSE file in the root directory of this source tree.. */../** @license React v17.0.2. * react-dom.production.min.js. *. * Copyright (c) Facebook, Inc. and its affiliates.. *. * This source code is licensed under the MIT license found in the. * LICENSE file in the root directory of this source tree.. */../** @license React v17.0.2. * react-is.production.min.js.
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1024473
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.423552162642971
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12288:v5m9IfCJcudFuzqZx4OFNlTePl/NjTdkTZVANftCgJEJPG9+Meh:RilTePlljTdkTZkCgJEN++Meh
                                                                                                                                                                                                                                                                                    MD5:2A4361CFC7094304666213A0F712D10C
                                                                                                                                                                                                                                                                                    SHA1:E0335FB64225CAD4F915E8D62483734276154AB6
                                                                                                                                                                                                                                                                                    SHA-256:96949B7DDA0EF31225EB6232B5EDBE97F9A1EF554006EC389A030D81B2FF8BD2
                                                                                                                                                                                                                                                                                    SHA-512:8A1097C2B7B82689E46015CFD84429745F494F96BF724DF5349D649C34973E13F9F848B8289365EA874879044385A1D5E5AD6A489591C2DC97B8109E9D093599
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:{"version":3,"sources":["../node_modules/react/index.js","../node_modules/react/jsx-runtime.js","../node_modules/@babel/runtime/helpers/esm/objectSpread2.js","../node_modules/prop-types/index.js","../node_modules/react-redux/es/components/Context.js","../node_modules/react-redux/es/utils/batch.js","../node_modules/react-redux/es/utils/Subscription.js","../node_modules/react-redux/es/utils/useIsomorphicLayoutEffect.js","../node_modules/react-redux/es/components/Provider.js","../node_modules/react-redux/es/components/connectAdvanced.js","../node_modules/react-redux/es/utils/shallowEqual.js","../node_modules/react-redux/es/connect/wrapMapToProps.js","../node_modules/react-redux/es/connect/mapDispatchToProps.js","../node_modules/react-redux/es/utils/bindActionCreators.js","../node_modules/react-redux/es/connect/mapStateToProps.js","../node_modules/react-redux/es/connect/mergeProps.js","../node_modules/react-redux/es/connect/selectorFactory.js","../node_modules/react-redux/es/connect/connec
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):16240
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.4978991340628935
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:384:NwmVKPQB7RAY/Frz9UY4D2EjvefZiFJLFOJBMYtXDx:5Ka3FrCYEMsFtuXDx
                                                                                                                                                                                                                                                                                    MD5:1B83BDE47892A049925572BD77B5E3B3
                                                                                                                                                                                                                                                                                    SHA1:998F7A3CED8FC72502A7108A5A64FC8D2505768F
                                                                                                                                                                                                                                                                                    SHA-256:5A953842AC9CA303D5159FB44F29251450DEA6B0F1DEA7556D6BC2A9AF28389A
                                                                                                                                                                                                                                                                                    SHA-512:39FD3A313AD2224EB5DA8CC32B7B3DD3462DE10748AAC64CB3E042ECAA5A756783845D4E1A1125833E428685A87D371AEADB45E80C558D0597D414DFB9186D67
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):66
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.8128151418562695
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:3:+BKSLDrbIoMLNLQJljRquKWLUCGA7LjL/n:+Dn4oRPDLUFsL/
                                                                                                                                                                                                                                                                                    MD5:B3E7D84CF0B8A2298C89F91F084C0809
                                                                                                                                                                                                                                                                                    SHA1:CE8389EE3CDEBD3DEA5628A441971C723D835D8C
                                                                                                                                                                                                                                                                                    SHA-256:E9FFA7AB9823450EDDC6F312504281D6C9D87BDD89B3E4B4478C2E22FAC1E55B
                                                                                                                                                                                                                                                                                    SHA-512:69BD25B2F3F76A8A763749C91745828A1EB05B103A543BF691D72757CE9E70F3EBC1D153F094ED081CE06172F62AC3E8CBD1E69849B92854C32693D2915510D5
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:nw.Window.get().evalNWBin(null, "static/js/3.cf9f4ce6.chunk.bin");
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):9898
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.1083863257804785
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:192:fHLn4vlsHvjvxo7FUhWnl68oC4k0XiajoQgJhMiatsCPOQ:fHL4vYvjvxo7Fq8oCmXiajsWmQ
                                                                                                                                                                                                                                                                                    MD5:B079CA1E88F9F0249B645CF6809C0059
                                                                                                                                                                                                                                                                                    SHA1:4AE49B4802E3ECDDCBC00E54487B1ED6A2DB66F8
                                                                                                                                                                                                                                                                                    SHA-256:C43B883FF47319D6301976F55CBA18CDCF29DB95D79EDED8926C9C4FF93AE76F
                                                                                                                                                                                                                                                                                    SHA-512:4F9F19403A05360738085E3D1849A86F20124EA04635F0DE4806C65EDEA26812D23CA1AF0AA7DC7201BC7EEE9B0E5B80FF58214718BA3114F65CEE716439BB21
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:{"version":3,"sources":["../node_modules/web-vitals/dist/web-vitals.js"],"names":["e","t","n","i","a","name","value","delta","entries","id","concat","Date","now","Math","floor","random","r","PerformanceObserver","supportedEntryTypes","includes","self","getEntries","map","observe","type","buffered","o","document","visibilityState","removeEventListener","addEventListener","c","persisted","u","WeakSet","Set","f","has","s","hadRecentInput","push","takeRecords","m","p","v","timeStamp","d","setTimeout","l","disconnect","startTime","add","performance","getEntriesByName","requestAnimationFrame","h","passive","capture","S","y","w","g","entryType","target","cancelable","processingStart","forEach","E","L","T","once","b","getEntriesByType","timing","max","navigationStart","responseStart","readyState"],"mappings":"8GAAA,+MAAIA,EAAEC,EAAEC,EAAEC,EAAEC,EAAE,SAASJ,EAAEC,GAAG,MAAM,CAACI,KAAKL,EAAEM,WAAM,IAASL,GAAG,EAAEA,EAAEM,MAAM,EAAEC,QAAQ,GAAGC,GAAG,MAAMC,OAAOC,KAAKC,MAAM,KAAKF,OAAOG,KAAKC,MAAM,cAAc
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):465368
                                                                                                                                                                                                                                                                                    Entropy (8bit):6.14942830048273
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:6144:s+MUPkfXHj7+mCQmv5b7sSQyc6bwQEtlFiiE2Udd7sgoycSgaJ7sgo07sgoyoJ3z:zFPkP/+mCVGrDXtwYdvgk
                                                                                                                                                                                                                                                                                    MD5:5D4D79F5E8C4C5BE596D0D29FE390DB8
                                                                                                                                                                                                                                                                                    SHA1:BE21E4FB8E1068A14754A02BD6189A38240B0047
                                                                                                                                                                                                                                                                                    SHA-256:6F0FE0DF3138C4D6793991EA974B6F63F982F86652E8DDFC4E33EE70A5EFB88C
                                                                                                                                                                                                                                                                                    SHA-512:20CC4165405DC4E0EDEC3AC1713973EB94DAAAAF26EA6CB5FC9EB59321DC85583182916E125744D4C85FAD26F89C1CF08EA8A7F67C036F3BED5571157EBF3035
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):69
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.8761250011309585
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:3:+BKSLDrbIoMLNLQJljRquKGnteyCLjL/n:+Dn4oRPLtfCLjL/
                                                                                                                                                                                                                                                                                    MD5:99282C810B1320DD7DDF3F1E3C49BCB3
                                                                                                                                                                                                                                                                                    SHA1:412001989210C2675F1F0F6867E7B76243D37B31
                                                                                                                                                                                                                                                                                    SHA-256:77E053252D75F968C929769601E19EA05BBBB628307B99B23DBFE6DA511F9936
                                                                                                                                                                                                                                                                                    SHA-512:953288399F2B8E45D37A8BBEF6D48725F303143E144077C265346A0D900AB1AE8FE8A22B543BC32E8E37C80C840ED1AEBA6C0CC603B0DE126EFFE92B194166AA
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:nw.Window.get().evalNWBin(null, "static/js/main.717b6389.chunk.bin");
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):703789
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.361726899305513
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:6144:ccRN7mydOkBzbSqWTxlm4lxnXsQ2hVzhvFvVu7/QvLGCXB/qkcJ7aB71NxTKXY2R:GkkrlwvB7nWr
                                                                                                                                                                                                                                                                                    MD5:2A430BD7263C0FF637BCE16595B14F25
                                                                                                                                                                                                                                                                                    SHA1:1DDA5EB0085930E7F36C947799D7806F08C73D4B
                                                                                                                                                                                                                                                                                    SHA-256:1095AB40B990F5B4BB57121D8A0DFA575D727B2BA227576260496C1F1E39CFA3
                                                                                                                                                                                                                                                                                    SHA-512:340521BC1857EF3A8CF9EF2A247AD89C52BB481DAEA26200C23614D42D0BDC09EAD66356E7FA0D46C7EE1687125C5CAC4B2EC40E43DD863256A3894224317CA1
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:{"version":3,"sources":["../external \"fs\"","../external \"net\"","../external \"http\"","../external \"https\"","../external \"path\"","store/actionTypes/appActionTypes.js","store/reducers/appReducer.js","store/actionTypes/windowsActionTypes.js","store/reducers/windowsReducer.js","store/actionTypes/startMenuActionTypes.js","store/reducers/startMenuReducer.js","store/actionTypes/settingsActionTypes.js","store/reducers/settingsReducer.js","store/actionTypes/searchActionTypes.js","constants.js","store/reducers/searchReducer.js","store/actionTypes/offerActionTypes.js","store/reducers/offerReducer.js","store/actionTypes/topbarActionTypes.js","store/reducers/topbarReducer.js","store/actionTypes/notificationsActionTypes.js","store/reducers/notificationsReducer.js","store/actionTypes/widgetActionTypes.js","store/reducers/widgetReducer.js","store/reducers/rootReducer.js","store/store.js","store/actionCreators/appActionCreators.js","store/actionCreators/windowsActionCreators.js","store/actionC
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):6880
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.780693101615468
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:192:xic+H+F/xHMah4jd7U/qVvKcg9VSSZ3QpADbiEBzN+W5RTXY:jCQ1XkWCVicg9VDgpNYTRk
                                                                                                                                                                                                                                                                                    MD5:4FA32B7B0E24BED1A9E2E639180C6DAC
                                                                                                                                                                                                                                                                                    SHA1:929ECB83121E556DED3E3757CDF15F77CB215A66
                                                                                                                                                                                                                                                                                    SHA-256:088A11BAAE726E4380E8CD4EF349AF27C15A574443F825BB94703B845E6B1F7B
                                                                                                                                                                                                                                                                                    SHA-512:784F6C3D98B21B7E9A7442075D9C122AC04426D462A34FCCFD9394884AE18BEF8A5C742A4B8A6773DCA7D3E8A83032B736597804FD26FE631018E2C39C27D33E
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):71
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.7442478245494595
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:3:+BKSLDrbIoMLNLQJljRquKeOISOBnDsHKsen:+Dn4oRPxOIRhC8
                                                                                                                                                                                                                                                                                    MD5:07D51995B0C40EB6A7D648682400933E
                                                                                                                                                                                                                                                                                    SHA1:673509F2150E63B0B1C2DA099AAB362214571CBD
                                                                                                                                                                                                                                                                                    SHA-256:F3AB2E215ED0CB5A170CECF2AF7B323810F0E48ACC15F255A9F87CFC2EFF8ECD
                                                                                                                                                                                                                                                                                    SHA-512:79026CBCE83B9C1589B6A77F81842AA4D9015E645CDB8FC0BABCE54118897A45F4D1AC82787476FC7BAA9C71AE7BD6FA38DCCAE12884A8AB6152A316D69CEECC
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:nw.Window.get().evalNWBin(null, "static/js/runtime-main.cdd4f9cc.bin");
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:JSON data
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):12604
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.32907166018772
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:384:fUPtHULTmhOVrLDtitZ3Rud/vSwmQFy9UFTmCaFmD5X7hNPn:cPtHU0SvSwmQJFTmCaFoLbPn
                                                                                                                                                                                                                                                                                    MD5:C7F90D5C550BFEECD43C415429428E79
                                                                                                                                                                                                                                                                                    SHA1:0D542CE39CD81D11AC9A73A3C0F81219DFB2E986
                                                                                                                                                                                                                                                                                    SHA-256:94AD0934D5C3FA12061BFF99B5CB495C0B6583E126E0D3CC99DCA62DCFFD8151
                                                                                                                                                                                                                                                                                    SHA-512:092EDF55040DFC6EBA370A4A4F15397F2B25363A45FB9D686493EBAB669A9864C42483EDFF23BC708BC77537B52292F4D71FAA706DB4D7DD2649DBE4FA922F96
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:{"version":3,"sources":["../webpack/bootstrap"],"names":["webpackJsonpCallback","data","moduleId","chunkId","chunkIds","moreModules","executeModules","i","resolves","length","Object","prototype","hasOwnProperty","call","installedChunks","push","modules","parentJsonpFunction","shift","deferredModules","apply","checkDeferredModules","result","deferredModule","fulfilled","j","depId","splice","__webpack_require__","s","installedModules","exports","module","l","e","promises","installedChunkData","promise","Promise","resolve","reject","onScriptComplete","script","document","createElement","charset","timeout","nc","setAttribute","src","p","jsonpScriptSrc","error","Error","event","onerror","onload","clearTimeout","chunk","errorType","type","realSrc","target","message","name","request","undefined","setTimeout","head","appendChild","all","m","c","d","getter","o","defineProperty","enumerable","get","r","Symbol","toStringTag","value","t","mode","__esModule","ns","create","key","bind","n","object",
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1370
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.283353360674453
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:24:2dVm5AXxGvObLfE6odI4/UB4esb1Fke5UZZMQQZn5/ZyY2nOFUig2FLy8:cVqAXQ8fEhN6obDUZZOPyPncUhyy8
                                                                                                                                                                                                                                                                                    MD5:C28FE12628EAF4B73719080A13F8E1A5
                                                                                                                                                                                                                                                                                    SHA1:4900054A3A0BA37B054F7E99826AF0008928AAB5
                                                                                                                                                                                                                                                                                    SHA-256:EDEA379F1A676ED9E3ECF876A940EF2B6E8D9FB16804187D534CAE46F66F9BD1
                                                                                                                                                                                                                                                                                    SHA-512:6E1A2CE50D6B545A26011D8E3339F4FA4C228FBEFEC53A9177BE51DBB12C3C0FDFA33B2A6490F89211647ADC4D8A38A1B34ECC1114DE6C6A8013A51F2DBB58B8
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:<?xml version="1.0" encoding="iso-8859-1"?>.. Generator: Adobe Illustrator 18.0.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->..<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">..<svg version="1.1" id="Capa_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"... viewBox="0 0 210.107 210.107" style="enable-background:new 0 0 210.107 210.107;" xml:space="preserve">..<g>...<path style="fill:#c3c3c2;" d="M168.506,0H80.235C67.413,0,56.981,10.432,56.981,23.254v2.854h-15.38....c-12.822,0-23.254,10.432-23.254,23.254v137.492c0,12.822,10.432,23.254,23.254,23.254h88.271....c12.822,0,23.253-10.432,23.253-23.254V184h15.38c12.822,0,23.254-10.432,23.254-23.254V23.254C191.76,10.432,181.328,0,168.506,0z.... M138.126,186.854c0,4.551-3.703,8.254-8.253,8.254H41.601c-4.551,0-8.254-3.703-8.254-8.254V49.361....c0-4.551,3.703-8.254,8.254-8.254h88.271c4.551,0,8.253,3.703,8.253,8.254V186.854z M176.76,160.74
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):5175
                                                                                                                                                                                                                                                                                    Entropy (8bit):3.933853115875902
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:96:FJpkgJIjAwPNke13W1eKL7T2+mb93ore1phgUT2v+CS:FJpk15zN1rhgUT2v+CS
                                                                                                                                                                                                                                                                                    MD5:CF8666E7736704C07412232858C9CBA3
                                                                                                                                                                                                                                                                                    SHA1:EE8666C41448498D22620353C27EB8489D763249
                                                                                                                                                                                                                                                                                    SHA-256:E1E0907E45A212DD9EAD8243A6C1B07907BE5E51F4399AAB6531E285322B1925
                                                                                                                                                                                                                                                                                    SHA-512:332195DB62034A4FB5D6D86B9F25BFBA5EF57C77B57EECDA23B9D5CB0D129B5684215C8DD45300B8A611926C3A593FF6447454F7B0A97B6FBC010C9B82DF8B1D
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:<svg width="14" height="15" viewBox="0 0 14 15" fill="none" xmlns="http://www.w3.org/2000/svg">..<path d="M1.16071 0C4.77679 0 8.37054 0 11.9866 0C12.0089 0 12.0089 0.0223228 12.0312 0.0223228C12.7232 0.156251 13.1696 0.647323 13.1696 1.36161C13.1696 5.44643 13.1696 9.55357 13.1696 13.6384C13.1696 14.4196 12.5893 15 11.808 15C8.32589 15 4.84375 15 1.36161 15C1.16071 15 0.937499 14.9554 0.758927 14.8661C0.223213 14.6205 0 14.1741 0 13.5938C0 10.8705 0 8.14732 0 5.42411C0 4.08482 0 2.72322 0 1.38393C0 0.959823 0.156249 0.580358 0.491071 0.3125C0.669642 0.133929 0.915178 0.0446429 1.16071 0ZM12.2768 7.47768C12.2768 5.46875 12.2768 3.4375 12.2768 1.42857C12.2768 1.02679 12.1205 0.870536 11.7188 0.870536C8.28125 0.870536 4.84375 0.870536 1.42857 0.870536C1.02678 0.870536 0.870534 1.02679 0.870534 1.42857C0.870534 5.46875 0.870534 9.50893 0.870534 13.5491C0.870534 13.9509 1.02678 14.1071 1.42857 14.1071C4.86607 14.1071 8.30357 14.1071 11.7188 14.1071C12.1205 14.1071 12.2768 13.9509 12.2768 1
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):2823
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.491649868709728
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:48:cSA+fE1jgL58sH7b8NaRB0sKWDvFqfsGzlaQSUU+m2ALAX92VHcX12rtDkU5:W+fom1bbgEB0sKWDgUwlaMU+m2ALAt2d
                                                                                                                                                                                                                                                                                    MD5:0F2E1681746D0E29CF14FE6D88B557D7
                                                                                                                                                                                                                                                                                    SHA1:BB983801F298AF8693088BC47C6B62C5640D0BDF
                                                                                                                                                                                                                                                                                    SHA-256:E958BEC8452B258F1A9103B8C5CA2ABE6ADDA0FA0F6D1D443E5122CF79BA1CB9
                                                                                                                                                                                                                                                                                    SHA-512:C9BEBE4EBAE0C26B0355FEAEADA465CB111C740E2251279ABFBDC722C6E5A2B5780D136E23F256FD8B9A5013588789EA74021E11E472CDC4C181A57978889179
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:<?xml version="1.0" encoding="utf-8"?>.. Generator: Adobe Illustrator 22.1.0, SVG Export Plug-In . SVG Version: 6.00 Build 0) -->..<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"... viewBox="0 0 14 15" style="enable-background:new 0 0 14 15;" xml:space="preserve">..<style type="text/css">....st0{fill:#FFFFFF;}..</style>..<g>...<path class="st0" d="M1.2,0C4.8,0,8.4,0,12,0c0,0,0,0,0,0c0.7,0.1,1.1,0.6,1.1,1.3c0,4.1,0,8.2,0,12.3c0,0.8-0.6,1.4-1.4,1.4....c-3.5,0-7,0-10.4,0c-0.2,0-0.4,0-0.6-0.1C0.2,14.6,0,14.2,0,13.6c0-2.7,0-5.4,0-8.2c0-1.3,0-2.7,0-4C0,1,0.2,0.6,0.5,0.3....C0.7,0.1,0.9,0,1.2,0z M12.3,7.5c0-2,0-4,0-6c0-0.4-0.2-0.6-0.6-0.6c-3.4,0-6.9,0-10.3,0C1,0.9,0.9,1,0.9,1.4c0,4,0,8.1,0,12.1....c0,0.4,0.2,0.6,0.6,0.6c3.4,0,6.9,0,10.3,0c0.4,0,0.6-0.2,0.6-0.6C12.3,11.5,12.3,9.5,12.3,7.5z"/>...<path class="st0" d="M6.6,1.8c1.4,0,2.9,0,4.3,0c0.4,0,0.5,0.2,0.5,0.5c0,1.1,0,2.3,0,3.4c0,0.4-0.2,0.5-0.5,0.5....c-2.9,
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):854
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.266600052838456
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:24:twdvCuJNOLLgF1Q+HmplV5c0L/IgT6REUXvdZSz0LU:6dYAuZZrIgTJOvfy0Q
                                                                                                                                                                                                                                                                                    MD5:6D54B2DFCD9A05985B1D2BDDFD513F60
                                                                                                                                                                                                                                                                                    SHA1:DE6A21F663DB8895ADC4DB91BBD08A279301322F
                                                                                                                                                                                                                                                                                    SHA-256:5586C361B2D63F488784A4140DBCC1A5D81FEB5ECB747CFCB420597D325F47BC
                                                                                                                                                                                                                                                                                    SHA-512:E9A6C7ED962B0972E2DD333DA6340D721BF9BD4840B50E8D8A074AF315D2C3ED5502415856FD888FC3CD35116E013E18450EEFB8DD11BB03E9829CB886A8EDED
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:<svg width="20" height="16" viewBox="0 0 20 16" fill="none" xmlns="http://www.w3.org/2000/svg">..<path d="M20 1.27078C19.8339 1.53302 19.6923 1.81505 19.492 2.04761C15.6234 6.5403 11.7451 11.0231 7.87163 15.5109C7.43202 16.0205 6.90938 16.1392 6.42092 15.8325C6.31346 15.7632 6.21577 15.6692 6.12785 15.5752C4.19356 13.4971 2.26904 11.409 0.334758 9.33092C-0.310005 8.63822 0.0514528 7.68327 0.784137 7.50515C1.13583 7.42103 1.45821 7.48535 1.73174 7.73275C1.85386 7.8416 1.96132 7.9653 2.07366 8.08405C3.66603 9.80592 5.26328 11.5278 6.85565 13.2497C6.88007 13.2744 6.89472 13.2991 6.9338 13.3437C7.00707 13.2596 7.07545 13.1903 7.13407 13.1161C10.7877 8.89551 14.4414 4.66505 18.0901 0.434588C18.5737 -0.124525 19.3162 -0.149265 19.7509 0.390057C19.8632 0.528598 19.917 0.711671 20 0.870004C20 1.00855 20 1.13719 20 1.27078Z" fill="#444444"/>..</svg>..
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):852
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.275850671375772
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:24:twdvCuJNOLLgF1Q+HmplV5c0L/IgT6REUXvdZSz0LHA:6dYAuZZrIgTJOvfy00
                                                                                                                                                                                                                                                                                    MD5:2CCC89303FC39BE9450730A8B415E094
                                                                                                                                                                                                                                                                                    SHA1:F2E2BEB598038D58CC094C1AD1DEA58F2BB5F1BE
                                                                                                                                                                                                                                                                                    SHA-256:E7503A4E3E81C886FAF1B512F0BA5A409927D8B192E329FF1BB6882816B6FA85
                                                                                                                                                                                                                                                                                    SHA-512:D0E5C8118C813E786555CC2CD73D7D9BA0457A163E1D1F9B357A00A13DACCDC8E2963441C4CAFB07B960AF2980AF908E511DC74BC3BEDC3F5CCD25C7BD33EC08
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):4743
                                                                                                                                                                                                                                                                                    Entropy (8bit):3.9546492458044593
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:96:WvGuaiHhGE3LbNnWnbzPPFUKEcgVGoa59g04szf5u48xMg3vf:WOhiHJe3PPFUhc4Go8s6fAks
                                                                                                                                                                                                                                                                                    MD5:386F6BF2308D42F9D6E2B56C6BFB0C51
                                                                                                                                                                                                                                                                                    SHA1:F59465E5D827949B20728DE697019C28F3E58C78
                                                                                                                                                                                                                                                                                    SHA-256:4091F05BAFD814DA9D094477C087FEBAD0ADBC9910CFF507EEAC4B58FD207139
                                                                                                                                                                                                                                                                                    SHA-512:FB972C58B6B05BFF4D625807B675855C3CD4112D798361DCDAFD8F26521684FAA69EEEC380043DB21759EE51727315BB2632AFE03CB3CB57AB684D5CD9A065D8
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):4729
                                                                                                                                                                                                                                                                                    Entropy (8bit):3.9826071199242548
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:96:WvGuaiHhGE3LbNnWnuzUPFUKEcpVGda59g04Rzf5u47xMg3vc:WOhiHJegUPFUhc7Gd8slfA9X
                                                                                                                                                                                                                                                                                    MD5:7B3329DB8105F1C10A0432343AA96772
                                                                                                                                                                                                                                                                                    SHA1:4AC72B85DCF695F50F6DD28A37B98A21DBAB0AF3
                                                                                                                                                                                                                                                                                    SHA-256:50FDF658E0D765F71D1265B574BA6EE514AF0BFC6057CEAC817E84906BA1A627
                                                                                                                                                                                                                                                                                    SHA-512:6E844379BDE23E22A19739B405F8193ABFE0C1A640D46C0004747CDBC41228B5E6C4A0428479EC38DDD1A7D60BAE247E44E05877357F3BDFE6BFB53592F1B5E1
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1592
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.004290849514056
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:24:tVvnjuJt7JBGAYIhm2mrLaqtQuFSgjmBwaonaOSvxZG2LvwuZ3+DExmbRlpQmNcs:rn6zGIkJrLTFVmKoZJLQ4gRCai6fWM
                                                                                                                                                                                                                                                                                    MD5:D9F81AE3849F84F6F219B2831F088247
                                                                                                                                                                                                                                                                                    SHA1:A0F7835AA9CD1261E3E2839B41055A3DD24A8637
                                                                                                                                                                                                                                                                                    SHA-256:DA9DFE3D7B3033B518E8E2BD6C708A0F30F28E6013E696F8CEF108D2B64E0F35
                                                                                                                                                                                                                                                                                    SHA-512:21D60604A97B9C084D924EA8C3C258990F818F2D44621C5F7D14380736BCF05ACDFF0DF31C5F9E71EAF68977FD2CA790E57AA6FFBF803DE1F88A45FAEBD3587F
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1590
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.012220474436418
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:24:tVvnjuJt7JBGAYIhm2mrLaqtQuFSgjmBwaonaOSvxZG2LvwuZ3+DExmbRlpQmNcX:rn6zGIkJrLTFVmKoZJLQ4gRCai6fQ
                                                                                                                                                                                                                                                                                    MD5:4DB5D94C4F838E720E17332EDF740EBC
                                                                                                                                                                                                                                                                                    SHA1:D28ED3AD9E3A5EFE37DD1012C5F9F1E494C32883
                                                                                                                                                                                                                                                                                    SHA-256:52151748BF54BE05AD5D26EB0FE3209E5EAFDEDB04AF6F1EB80D758E375A3E6C
                                                                                                                                                                                                                                                                                    SHA-512:8264399F4119897182DFA43EA447DA2EF80ED6451677A66C12ECC4547BDCBD0762AA11CC3D89E948A32CA1C4B59952B267B2FADBDCB84A827E7DB2D66777837C
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):4264
                                                                                                                                                                                                                                                                                    Entropy (8bit):3.894045254391696
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:96:+JHedx8iSdAwpGi30T09xMR99wgr+rBKD0iMt9V0BG:+JM+v+0fswcDMt9VgG
                                                                                                                                                                                                                                                                                    MD5:E25CBB3FF275E58AF7891E0B857550A1
                                                                                                                                                                                                                                                                                    SHA1:5FA0E6C032B080FC7A2E37ACADAA46D7F7AB04E2
                                                                                                                                                                                                                                                                                    SHA-256:25FFBB8EEAC1F9A707570095599CE2349846836631CB2233D8273B4180425213
                                                                                                                                                                                                                                                                                    SHA-512:BE2E449A4E86B723CA3881547F2CF11A305269EDE4DCB62EB94EEF44FC72E99EB0AE95B253735BD69BF10E814512B93AD8420193AF13598D0CEC987AA5F2A6C2
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):4238
                                                                                                                                                                                                                                                                                    Entropy (8bit):3.914834455290012
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:96:bMT1fU8EHCzbublIDQqirLwl4w1y97ZgILgzB:bS1giubk6kwtgILgzB
                                                                                                                                                                                                                                                                                    MD5:2A64F22D46EF697D361BC13F4E5EC382
                                                                                                                                                                                                                                                                                    SHA1:8F4277EA88024B458509538814E3A50BD20F0F04
                                                                                                                                                                                                                                                                                    SHA-256:33629801FE35C15E2803A47C1ED0B8E21F38114119F05D64EBD65E5DA246B7CA
                                                                                                                                                                                                                                                                                    SHA-512:6A9FC6FC4526D36FC259BF104F35418FB0914E32314975666E8EF01BC1D940263CC2F3109051E112A26A7FE42895762729F3FF5DC1E4C6D8ADF2A0E1CFD410E9
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):6098
                                                                                                                                                                                                                                                                                    Entropy (8bit):3.8868971852897896
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:96:2masVg2zPxVlBJr0GVdGrp7YAFPa6aswXXoluwFw0wsOVmc0BLMpHLJklLMp+sLQ:+sVg2zPxjjVdgpMAFPaJ3HoluwFw0wVq
                                                                                                                                                                                                                                                                                    MD5:8EBCB6408685047BE3BD1996D4000EE4
                                                                                                                                                                                                                                                                                    SHA1:F16881FF86F16B8C4D725E17584ECE870CD6727F
                                                                                                                                                                                                                                                                                    SHA-256:BA281665918CA2AB863CE98626153153931F2D99FEE645F7479118F91C66C9F2
                                                                                                                                                                                                                                                                                    SHA-512:276FD1A09BDE77261210114F5FE6E3C796DAA6C85183CC206200B9BB0D148AB914981AE162A0D9FF901171A394A98708E672A8C002FDBEB4138488BF80944C5F
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):6086
                                                                                                                                                                                                                                                                                    Entropy (8bit):3.9063223215918432
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:96:2masVg2zPxVlBJr0GVdGrp7YAFPa6RswXXoluwFw0wsOVmc0BLMpHLQklLxp+bLC:+sVg2zPxjjVdgpMAFPaq3HoluwFw0wVt
                                                                                                                                                                                                                                                                                    MD5:048482A7B181541A174551C016205A44
                                                                                                                                                                                                                                                                                    SHA1:5A5C2E2F813768E3C3C096ABDB209F55C5F2FCE3
                                                                                                                                                                                                                                                                                    SHA-256:968A15C711DA89D4A150521A1889633C5967731EAB81C6A14DFFA352B325BC7E
                                                                                                                                                                                                                                                                                    SHA-512:873070DE6578A9751FB2718F2C73E6ED8FA15F0C76C34D03E0A359658F5B885EFC5388DDDFB458CCFB99D44025983EAFCD595DE7C6218F1DAC81228D75F40F4C
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):6801
                                                                                                                                                                                                                                                                                    Entropy (8bit):3.7386877939405805
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:192:VPxlcoEiWxAGY/Eetsf/k9aLNyh6JwpM2LkgL8en:Jx2CyAhtsE9aZLT/gv
                                                                                                                                                                                                                                                                                    MD5:6DD649E7B024D0758023476637791EFF
                                                                                                                                                                                                                                                                                    SHA1:47EAC14A729C1A1C314C644BD28FA8C7D8B6D24D
                                                                                                                                                                                                                                                                                    SHA-256:663F3C16A7075FF42266008720D8D859F54E366040496F95E828E892DCAE6A7E
                                                                                                                                                                                                                                                                                    SHA-512:3887A01D6329B979A683A6322508FD75C6C66369605133FBFA373E503CC2A199204002E5FEB382D163D67CB2DFBCD698AFB57C770916C1A5B6BB592261A1FE7C
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):6797
                                                                                                                                                                                                                                                                                    Entropy (8bit):3.744755737482207
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:192:VPxlcoEiWxAGY/Eetsf/k9aLNyh6JwpM2LkgLbe0:Jx2CyAhtsE9aZLT/gV
                                                                                                                                                                                                                                                                                    MD5:C29E6ED919C2A6DE97D06B2AE745DE71
                                                                                                                                                                                                                                                                                    SHA1:D5FBD0DBFBD471CE494FD822C8846D4460BD1545
                                                                                                                                                                                                                                                                                    SHA-256:2B35B1B5EAB5E23F2FE6E3B1178A81933241006D56FC2731E40323B5E6AEE94A
                                                                                                                                                                                                                                                                                    SHA-512:07C65E7CB30FA0D0B8054EDAB7AA9AA0625826C4327681E14AC06849C7DBD0722F2487D9564ADCF2CDF819352E78492B65620C0352F043818D4839674D21B2F0
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):3605
                                                                                                                                                                                                                                                                                    Entropy (8bit):3.914389459303166
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:96:FIQXafQMoWADNaEoUFXMl10h+DNs9eKjrOIntIE:F7XgiDNaEvs1SGCrOItB
                                                                                                                                                                                                                                                                                    MD5:477A237F6AE8615FA3C957919C161FFC
                                                                                                                                                                                                                                                                                    SHA1:735FF4EB4377A45B2D2D5A8E7C305F6B6AF287C7
                                                                                                                                                                                                                                                                                    SHA-256:A676CCE75141D03F6264C5D65398BE6021379FEF9A2BB25BA64549EFB8066B42
                                                                                                                                                                                                                                                                                    SHA-512:5663DA1BF748E3A62A4D5919C4E1FEFE95DF60AB46E9DA6C03B6417854CC9A516F38C5EA14AB21A775EA9D3BA0630D830AF7379CC62FC17E84EA18B402666D30
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):3599
                                                                                                                                                                                                                                                                                    Entropy (8bit):3.928807214825618
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:96:FIQXafQMoW3DNaEoUFXMl10h+DNs9eKjrOIutI/:F7XgZDNaEvs1SGCrOIUu
                                                                                                                                                                                                                                                                                    MD5:89DD3B8D872E8E8E8D51B3CD29C77023
                                                                                                                                                                                                                                                                                    SHA1:E4D6DAA5097FFE044C8DF59692FC2F3ABCF45668
                                                                                                                                                                                                                                                                                    SHA-256:A2DC2F231B7A3492ABCED87D8F1953CF313CFE3CDD32B38FEC3F6EDD270A26FD
                                                                                                                                                                                                                                                                                    SHA-512:4E731CF642CBC3BEBC5C858073336B6D923227B690253378A47B8A5220E2F28EFC8D2D6602728F1DC2D13ED5EB95B5F889813FE89BBA7E55A6A487F01E510203
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):2232
                                                                                                                                                                                                                                                                                    Entropy (8bit):3.9969278840420657
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:48:h3bDj6YrB+De50bRzctlW9MMCQ1zzC0lm6xM:1Dj6YsymRzpCTQ1zzC0li
                                                                                                                                                                                                                                                                                    MD5:73CD1627E147A8EAD813AD7201D75876
                                                                                                                                                                                                                                                                                    SHA1:9873BA2A53794A91E4DFB617D0D713DCC1EF5AFA
                                                                                                                                                                                                                                                                                    SHA-256:27AF99AEF7A11E5806946F03234615F4F96576936C87BF3E256572AD6D35BB3B
                                                                                                                                                                                                                                                                                    SHA-512:5EE5A96FC914E6D2E4481003B817F8CFA647C447CBA2254EB83EC75E606DACBDA1520D0C0CAF789103B53FC47CB825539748E703CAC99D41BB02A1E64711C7CA
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):2228
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.011244246624798
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:48:h3bDj6YrB+De50bRzctlWRMCQ1zzC0lm6t:1Dj6YsymRzpRTQ1zzC0lt
                                                                                                                                                                                                                                                                                    MD5:D4950E85D1EDD93F20A610F0B9575A1B
                                                                                                                                                                                                                                                                                    SHA1:6CF6227A85D9111DBBD9A23A2BBA528D31B591A2
                                                                                                                                                                                                                                                                                    SHA-256:4702B18CB5FAA0D6F56176EBE21011D2E994736BA0AFC52C961E3950F45E61EA
                                                                                                                                                                                                                                                                                    SHA-512:15B47F230A966FEFCBE1BA1BC6D700FACF7978B22A7913388C3269D13A140AA634364121473A7152997EE5146FC5BED9697C00D7018F025CEB6BFB3018C64ABD
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):702
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.39074490019929
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12:trVzNtuJlzaTATxgOyh0DIAK+aV/E4Ypk8FnOp8DQBW:tZzNtuJoTcxyu6fV7KbFnPsBW
                                                                                                                                                                                                                                                                                    MD5:86893B121171A45F3494D301D57E80F1
                                                                                                                                                                                                                                                                                    SHA1:739B6A99982CE3F6BF792876E72A8413D1583072
                                                                                                                                                                                                                                                                                    SHA-256:4D8B0003A1DA38931E9BA26483D517CD59E62EA14759FC36F14B0F1EC558C6B8
                                                                                                                                                                                                                                                                                    SHA-512:CABD9B44F635F3A1C9C8054004DE318FC3F875F6FD81DB722CD49FD29912E0720B656DD1BA81A5FF8B63C728A81A9A393618E0D18B07227F2AC937A954D9FEB0
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):700
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.387297248681374
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:12:trVzNtuJlzaTATxgOyh0DIAK+aV/E4Ypk8FnOp8DQBiHAA:tZzNtuJoTcxyu6fV7KbFnPsBHA
                                                                                                                                                                                                                                                                                    MD5:C6D2A075413FDBCB286B77A97F9B6F13
                                                                                                                                                                                                                                                                                    SHA1:2DAA74C58338CAFE94A25CAB8FFB92253C140BCF
                                                                                                                                                                                                                                                                                    SHA-256:A71D66F5B6FAC238513DAA379BAEE5B35F24EC42050DC21E056BF08310042888
                                                                                                                                                                                                                                                                                    SHA-512:387762B3A3D0B7F694CF633926B3777AAA45DCA5A31DC7C095BC0B235B7D49CE5818BE76F2B032CF4E3031DEC520C5C67FAB879968C0F203E2A44EEA2EE0499F
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):3466
                                                                                                                                                                                                                                                                                    Entropy (8bit):3.9394896115708424
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:48:qqr8WXm539LJck1/Syl7x6Ugu5mUctd2ji2REolr58DqJcgcBBs1Kmo6UZuEVlYd:4WXm53pJp/S86Uh58Gi2FV4ksShd
                                                                                                                                                                                                                                                                                    MD5:97A4CAA52C453393A3ACEDB7EB240010
                                                                                                                                                                                                                                                                                    SHA1:26353A64DD09BA4D0055D2F259266DABE7C1CC88
                                                                                                                                                                                                                                                                                    SHA-256:0A5439D793597DA248595B59290A41123A36BA90D47554ABE4E64147455BD86F
                                                                                                                                                                                                                                                                                    SHA-512:F1C236016CE294FDD70C584FAF045BF5DAF8DD4BBE2D453788CF78BB0397C61305C2C148651D9D8E52ECF08AF39264835781EF3A9496759870C7BA93A6BA2500
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):3460
                                                                                                                                                                                                                                                                                    Entropy (8bit):3.951932320279216
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:48:qqr8WXm539LJck1qSyl7x6Ugu5mUctd2ji2REolr5RqJcgcBBs1Kmo63uEVlYanL:4WXm53pJpqS86Uh58Gi2FVLksSwa
                                                                                                                                                                                                                                                                                    MD5:7BBD80A02464154C092ACBE7DD328730
                                                                                                                                                                                                                                                                                    SHA1:C5E8862B03D566CCE19001910B1254D0293C1D9F
                                                                                                                                                                                                                                                                                    SHA-256:F6B4616A88E746054F75133B879556D769B8A16395EDE1EFC723112BD41E218B
                                                                                                                                                                                                                                                                                    SHA-512:53A0B00F505D6AC3B4E737540DD02036778BC89C521083352A20EE1E63136C4D72A9F6482752ADA6D8E415C6D384197FC393F5AED907A45F1209926DA9F80C48
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):4403
                                                                                                                                                                                                                                                                                    Entropy (8bit):3.8960426134967934
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:96:sreYdijt0XCV30iqhzz9GaHPuPVsTasmBsoG2SuM2q6RW:saISGt95P6e2B4u7dW
                                                                                                                                                                                                                                                                                    MD5:360145CB691391CCC038500BAD652269
                                                                                                                                                                                                                                                                                    SHA1:4F2D87620766892151D6087962DCB08628FC1220
                                                                                                                                                                                                                                                                                    SHA-256:4E9DBDEE102A27F7B339857D9B888EB218E00456E42D1CE3747E4810DC4087C5
                                                                                                                                                                                                                                                                                    SHA-512:D2940AA1CBFC0ADE2AEFBCA312F077A23D84C7F4D1087D0D8FD87D9ADF7939AA9B2774AAE53B4A8F55AF4C946C7066193B5636FC44997F742B29A873E9EE5BEC
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):4395
                                                                                                                                                                                                                                                                                    Entropy (8bit):3.9130769273478307
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:96:sreYdijt0XCV30iqhzz9GaHPuPVs2asmBsVG2SuMnq6Rx:saISGt95P6eRB9uidx
                                                                                                                                                                                                                                                                                    MD5:B0F49189BE082A137803BEA947266CC9
                                                                                                                                                                                                                                                                                    SHA1:8733164F238BB6BC95614B91715408EA54C54E57
                                                                                                                                                                                                                                                                                    SHA-256:042BEFCC06513E3E81506FE03F28CA2986A11731A70F958D1F0CE0095924412F
                                                                                                                                                                                                                                                                                    SHA-512:B3E007E8284E32AA9B20BE9161CE7641F7953A23104C69265ADBB8E689CE683C0FED86DE8FC682B27C10EBAD10C0A6385EC58A7450F91D8A5541F54402EFECFF
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1858
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.054255384536267
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:24:tcoqAuJJhP7yShzrcOTpBqPmJT2cePJeSFu1uXfSVbxS6GRqkg+HqpYNOo5bASNQ:hqPY85FBgcAtu1QS8qkg+HIYZXtlkN
                                                                                                                                                                                                                                                                                    MD5:04FDC7FEDBD2538F8B4A24EC6A737DDB
                                                                                                                                                                                                                                                                                    SHA1:30EAAA4ECE1B1D47F846D1CF2B5B29753049335C
                                                                                                                                                                                                                                                                                    SHA-256:E649612224E5754F9FD4A7602847F932B58BF6B24A22A36029D782FD129054CD
                                                                                                                                                                                                                                                                                    SHA-512:18502FD6B8C17E3EE5EC89E9F9028710BB2BE57D2FB46282DDD3E7CE5C76F76FD17ECDFCC810F4B44FCE583937F10DD45C397449C374E4DBD7EFF2C12E36358C
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):1854
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.069519451091226
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:24:tcoqAuJJhP7yShzrcOTpBqPmJT2cePJeSFu1uXfSVbxS6GRqkg+HqpYNOo5bAH2y:hqPY85FBgcAtu1QS8qkg+HIY1XtlkB
                                                                                                                                                                                                                                                                                    MD5:FCA164880EE2E1D12B798C98241DCB76
                                                                                                                                                                                                                                                                                    SHA1:A8554FA6389771ECBB7A7C5FEB016EC3DD6C056E
                                                                                                                                                                                                                                                                                    SHA-256:5F591B87FE162601A488611DAEE8E89C6C0ABA9006DE926D75FC339224AA61E2
                                                                                                                                                                                                                                                                                    SHA-512:90C00A580BBB8C47AB0B88A52F7738AE6F3188F3E6964D7CBB7011680C4F5406FA61EF7EA8A6403D41CA429E3FFD9FFABEF4C948DCA86782515E99A057B1CE27
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):2922
                                                                                                                                                                                                                                                                                    Entropy (8bit):3.8955256034331684
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:48:qqUqL0zHerZmOk5T7f/v+8JKgmEU5BdN5gxQsAvCSEkP2ME6nwnTW5IO:qoC+rZg5vuwyVBb5gxQHvREkP2Jl8
                                                                                                                                                                                                                                                                                    MD5:60F659C2639149E5FE452A99BA232B94
                                                                                                                                                                                                                                                                                    SHA1:70AB8FCF7714F5C83F9C7C749E95702273CEAF11
                                                                                                                                                                                                                                                                                    SHA-256:FA330061E57D90B2BBB6F9F24982991F574DEC5E697CBACFB2551BD6D6317CD3
                                                                                                                                                                                                                                                                                    SHA-512:25C728806C4C1501762A1D0446D18818BDDE667FE0681074541D3C8F4F2207F8DC8AA3A5F825CDE2F79E580BBA0F6C9189BBD9C2E11D261E57D4ECA78B83405D
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):2920
                                                                                                                                                                                                                                                                                    Entropy (8bit):3.895777405127468
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:48:qqUqL0zHerZmOk5T7f/v+8JKgmEU5BdN5gxQsAvCSEkP2ME6nwnTW5Io:qoC+rZg5vuwyVBb5gxQHvREkP2Jla
                                                                                                                                                                                                                                                                                    MD5:610CC1A8CF2F609FCD872D217E3D4333
                                                                                                                                                                                                                                                                                    SHA1:91F5EBF7DFAA1F39123342EFF19176D4432C0388
                                                                                                                                                                                                                                                                                    SHA-256:AC401187E858B9BD7CAD7A638063B9808FA6545D6576BBEA41471C7336E6AAE2
                                                                                                                                                                                                                                                                                    SHA-512:E803E86F8090F205EBF3EF2E9796ECFD7B31485A89DFFA4B72785E3E721BFA67CEF2D1D8416352C320BC6556FF977FC9630A2E24551BA6CDB9965F2067B3CE28
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):3445
                                                                                                                                                                                                                                                                                    Entropy (8bit):3.979453075901205
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:48:lFFqyQ7dtcTIAcq+/O53Jve2d923tqjvtLaTbVixmR/3dagOJj2xcS19kjJWtHGE:5q7HcUAT7mztiVLavIxmN3IZh2n
                                                                                                                                                                                                                                                                                    MD5:8517A7C9AC10921DEBA471DD89A13601
                                                                                                                                                                                                                                                                                    SHA1:55F06AA4A8E2C59CCBCF9EDFBF4A19192E921302
                                                                                                                                                                                                                                                                                    SHA-256:4AA2937B6A751F114A1CB7BE1A09ECEC436F70AF6350A17EAFF88A3D88262818
                                                                                                                                                                                                                                                                                    SHA-512:6EB83B5F88E0945C63550501FD856AB9E0B80C0827470124FF93342A7F8EB560CCF11AFEBC08D49F7BB55122EB6D22D0146E979D7A10F911233E17B77704DD86
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):3425
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.01234712901125
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:48:DKJzzcgT2SgblyFVQzNrd99EGDBBIO2sOlvu0+sGD0gfDOAHmD1MjQQnfvw8aN+F:+zzcWMlyFWJO5fYdHmDufv1aNs
                                                                                                                                                                                                                                                                                    MD5:0C92AF8318B8C3247643257AF05FD42E
                                                                                                                                                                                                                                                                                    SHA1:2DD447FF88BC4B9BC48324FEF75D9395867D7462
                                                                                                                                                                                                                                                                                    SHA-256:0503A1E65404853AE72D674F95D1ECB8EFCDF94B68A5B80EE8B59D7E77504A39
                                                                                                                                                                                                                                                                                    SHA-512:C5AACD08A30E34262FA433B29EC8971CC39E4675D9186C9D527641516CBB5C70B7F3138DF3AA3BD45677B4043F89DAC981C2F16D31ACD6A80226E4E43AB6107B
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    File Type:PNG image data, 490 x 140, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):11957
                                                                                                                                                                                                                                                                                    Entropy (8bit):7.943985153985361
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:192:jSTZR77SSlsXp7h9PKr6L1KJ9yRh/+AogjkisWttJkuzTCFvm9e4t4L6swiagy76:WJsV0e1j+AoGsWtxWqCJHHNi0
                                                                                                                                                                                                                                                                                    MD5:5D3291D90D252B1C09C262466D67D04A
                                                                                                                                                                                                                                                                                    SHA1:0AFB93843C13CC71B458D92E5400FC756FEC5691
                                                                                                                                                                                                                                                                                    SHA-256:4192A0833E3F06C4B9B563BA5777A3CBFAA69BCBA6DF233889540709772FF082
                                                                                                                                                                                                                                                                                    SHA-512:B14F315D3C3A7F7EEEB758774DCC0F3891087DCC79C2A30C61E27F401F04AFDD18D0393AA7CFA4E56A41F6F295AF0716920B313653D095ADB5CE56E18804EEE1
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                    File Type:ASCII text, with very long lines (14408)
                                                                                                                                                                                                                                                                                    Category:downloaded
                                                                                                                                                                                                                                                                                    Size (bytes):440758
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.62807453340313
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:6144:N4w5GFjJBa34ZtOxMVMMtLevwWY7UstYpg+oPvkOsWm7c:GwEFjJsMEeVPev8Wpc
                                                                                                                                                                                                                                                                                    MD5:D63B18631CFB3830D3F1B34A2F407476
                                                                                                                                                                                                                                                                                    SHA1:6423C69B0A31D005A7D4CA989D75CEF977D4F72B
                                                                                                                                                                                                                                                                                    SHA-256:7C1F3A82B7EF3480E57EE10F1B02A204A77B72DD262C6DE12C9EF9160202D2F6
                                                                                                                                                                                                                                                                                    SHA-512:85F438E368BA22D192822E7AA3F50D1E3D6C08F636330C7E46A9EC6BD6C727C1F8CCC55E2FF8AB87080744853DC62110169575E5AED5FB48DF74686C9B8D4EA2
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    URL:https://www.googletagmanager.com/gtag/js?id=G-VFQWFX3X1C
                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                    File Type:HTML document, ASCII text, with very long lines (22169), with no line terminators
                                                                                                                                                                                                                                                                                    Category:downloaded
                                                                                                                                                                                                                                                                                    Size (bytes):22169
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.548023055374882
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:384:yXmgCJ0cErc+LcgjcGmct7c8ucB1cQNc1Nc2+0FO8r0/5r/sL/Uj/gm/F7/Nu/yR:ScUc2c0c/cNclcHcicDc3KtY/p/M/I/F
                                                                                                                                                                                                                                                                                    MD5:B961A75EE2A9CAD6211AF8FFAD7C24A1
                                                                                                                                                                                                                                                                                    SHA1:424D9AD2BCA0C21CB0165A50C32990898C961925
                                                                                                                                                                                                                                                                                    SHA-256:13C06D02C508401EC8150C96BE1000887E3A074B4D1BBD9FCA010E9095892B75
                                                                                                                                                                                                                                                                                    SHA-512:65C917F58FAB005D2572C0FACCEB78AAB7DBFFF13021AD3A3FCD22FB4A7982BC8F747D976EB3FEFF1FED0F9C3A2C3E295EF9DB647CCA9A7CFA15826408E61A66
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    URL:https://td.doubleclick.net/td/rul/858128210?random=1731360324107&cv=11&fst=1731360324107&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4b70v9103256652za200zb898645365&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102077855&u_w=1280&u_h=1024&url=https%3A%2F%2Fpcapp.store%2F%3Fp%3Dlpd_installing_r2%26guid%3D2ED92742-89DC-DD72-92E8-869FA5A66493%26_fcid%3D1731354202975821%26_winver%3D19045%26version%3Dfa.1092c&label=kTaFCIuq0YYZENL-l5kD&hn=www.googleadservices.com&frm=0&tiba=APP%20STORE%3A%20Installing&value=1&currency_code=USD&npa=0&pscdl=noapi&auid=1387167454.1731360324&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dconversion
                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                    File Type:ASCII text, with very long lines (4971), with no line terminators
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):4971
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.855753671624641
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:96:1gWUfvlcY021mvn1blhad7OIJoodnbUp2dEjkRUNtJ+fCKaZW8:1DY0hf1bT47OIqWb1etJ+fyZW8
                                                                                                                                                                                                                                                                                    MD5:DA6091CFAEDC669817133CF6AAD63F00
                                                                                                                                                                                                                                                                                    SHA1:9B28FACECE4D817F051EE6CF2B2C4AF538FC5AE5
                                                                                                                                                                                                                                                                                    SHA-256:99A980588CA9F763F73B2BADD5696F51C6B05F734488C19CBA8190AFE51F9566
                                                                                                                                                                                                                                                                                    SHA-512:0C75F33FE8804F7899CA63B5D3ADE75306BA2EF31F229928C563996421398EA57D20376ED34A8C1F509F5B449BE82659A6C8F5D877E712B627D655D2A94B224C
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                    File Type:ASCII text, with very long lines (3969)
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):292169
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.560330236048097
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:3072:4RB4gOrF34Z394MVRCBO0dRrvabnqYToS5eVRUyVwWY7UstSEAz:OBa34Zt4MVR/cMevwWY7UstSEW
                                                                                                                                                                                                                                                                                    MD5:62171C55DF6CFBD810D0ECA4BA96C52F
                                                                                                                                                                                                                                                                                    SHA1:C6BE49E65EB143E7CA1BFFBC43F0136A114D270D
                                                                                                                                                                                                                                                                                    SHA-256:66AAE6235E0C6F45C5C7F19CA645133246B993786BAB900AE45E4409B1D6D8FA
                                                                                                                                                                                                                                                                                    SHA-512:FE549746DCDA6F0CF40A535E23D9357F8034FCA6B9886AB952CAB3486C0C0E854A2954335E1D03BBEB33441F166A03D151FDC3EC12E4456A2081EC289527F3A1
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                    File Type:ASCII text, with very long lines (4971), with no line terminators
                                                                                                                                                                                                                                                                                    Category:downloaded
                                                                                                                                                                                                                                                                                    Size (bytes):4971
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.856909711794703
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:96:1gWUfvlcY021mvn1blhad7OIJoodnbUp2dEjkRUNtJ+fCKaZWYu:1DY0hf1bT47OIqWb1etJ+fyZWYu
                                                                                                                                                                                                                                                                                    MD5:2395C875661DE775C1CE1A1035847602
                                                                                                                                                                                                                                                                                    SHA1:8CF9317B511A1CBFE8FA1CEF27D3CC718CCA6D71
                                                                                                                                                                                                                                                                                    SHA-256:7B75F24750FA0662BA4C5024583608503020AAC83015E3E97A76007431D3D43B
                                                                                                                                                                                                                                                                                    SHA-512:375DF253DF1918456073EFCD1ED3A51A83FF565008462741324FB94B9571CFC69C8077816EAB81B8A004D68977B182161015C058B0C6AA2BCF7EF21AA6A3F288
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    URL:https://googleads.g.doubleclick.net/pagead/viewthroughconversion/858128210/?random=1731360324107&cv=11&fst=1731360324107&bg=ffffff&guid=ON&async=1&gtm=45be4b70v9103256652za200zb898645365&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102077855&u_w=1280&u_h=1024&url=https%3A%2F%2Fpcapp.store%2F%3Fp%3Dlpd_installing_r2%26guid%3D2ED92742-89DC-DD72-92E8-869FA5A66493%26_fcid%3D1731354202975821%26_winver%3D19045%26version%3Dfa.1092c&label=kTaFCIuq0YYZENL-l5kD&hn=www.googleadservices.com&frm=0&tiba=APP%20STORE%3A%20Installing&value=1&currency_code=USD&npa=0&pscdl=noapi&auid=1387167454.1731360324&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dconversion&rfmt=3&fmt=4
                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                    File Type:ASCII text, with very long lines (3969)
                                                                                                                                                                                                                                                                                    Category:downloaded
                                                                                                                                                                                                                                                                                    Size (bytes):292176
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.560427951481527
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:3072:4RB4gOrF34Z394MT+CBO0dRrvabnqYToS5eVRUyVwWY7UstSEAA:OBa34Zt4MT+/cMevwWY7UstSEZ
                                                                                                                                                                                                                                                                                    MD5:A1FB1023399E80EC0C40C5FF4BFFDC11
                                                                                                                                                                                                                                                                                    SHA1:B6972DC3504156F88E1DE533954298463538F81E
                                                                                                                                                                                                                                                                                    SHA-256:FCFD52502994A56733D77C16102202CCADFB7E7E289BC9B634E3E809C02BC134
                                                                                                                                                                                                                                                                                    SHA-512:DDD302DCE065100DDA1E616EED10123998900E76E13F9FF4757F508DECD499284AD68EDBBA83B74C2AB77A8FDA8EC4C44F7AD5351D2261809CABDCB4E5EEEB59
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    URL:https://www.googletagmanager.com/gtag/js?id=AW-858128210&l=dataLayer&cx=c&gtm=45je4b70v898645365za200
                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                    File Type:HTML document, ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                    Category:downloaded
                                                                                                                                                                                                                                                                                    Size (bytes):13
                                                                                                                                                                                                                                                                                    Entropy (8bit):2.7773627950641693
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:3:qVZPV:qzd
                                                                                                                                                                                                                                                                                    MD5:C83301425B2AD1D496473A5FF3D9ECCA
                                                                                                                                                                                                                                                                                    SHA1:941EFB7368E46B27B937D34B07FC4D41DA01B002
                                                                                                                                                                                                                                                                                    SHA-256:B633A587C652D02386C4F16F8C6F6AAB7352D97F16367C3C40576214372DD628
                                                                                                                                                                                                                                                                                    SHA-512:83BAFE4C888008AFDD1B72C028C7F50DEE651CA9E7D8E1B332E0BF3AA1315884155A1458A304F6E5C5627E714BF5A855A8B8D7DB3F4EB2BB2789FE2F8F6A1D83
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    URL:https://td.doubleclick.net/td/ga/rul?tid=G-VFQWFX3X1C&gacid=367951386.1731360323&gtm=45je4b70v898645365za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101823848~101925629~102077854&z=136806735
                                                                                                                                                                                                                                                                                    Preview:<html></html>
                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):2118
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.907323279161229
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:48:P8LlLU20REEalwVtWMhiiA379OC0WGKwKNHOLRcVIK0:ULtU2A8lwVtW+3ALKczI5
                                                                                                                                                                                                                                                                                    MD5:1039640CF0666A1621D55C9E9FA81439
                                                                                                                                                                                                                                                                                    SHA1:A7E6A6AB233DAE1776506F2E6C7FD03E46E83EA9
                                                                                                                                                                                                                                                                                    SHA-256:4455C2A26901C4D348E194B06B06908C155E6459CF5987984D03848E30964F0C
                                                                                                                                                                                                                                                                                    SHA-512:F9324B6C58C51DC3F24BD242EADA7E5565B60E12863EC13F28D883028791AEC7EC5E324298FA0427AD1CD45BDD7260FF0295DC171F24DD0AC3F0203FB6CD0706
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                    File Type:HTML document, ASCII text, with very long lines (22196), with no line terminators
                                                                                                                                                                                                                                                                                    Category:downloaded
                                                                                                                                                                                                                                                                                    Size (bytes):22196
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.549634937331626
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:384:yomgBW0/5r/sL/Uj/gm/F7/Nu/y1/bN/eN/1+LFl8Ln08gr8hL89Cj8tm8078NuG:d/p/M/I/V/1/8/E/x/E/gxmL08o818kS
                                                                                                                                                                                                                                                                                    MD5:51E89F426C7F02A6208B49EA60A6C30D
                                                                                                                                                                                                                                                                                    SHA1:2281F844CAF4788642953AB68170B87CF2444A3C
                                                                                                                                                                                                                                                                                    SHA-256:148327DAF618C3E78BE9933BB62E60954A866C0A60CCB73F53BE9B41618CD47A
                                                                                                                                                                                                                                                                                    SHA-512:93196577FEE3C8C08E216B02ADE08F5339539E13E65C5CAC0385D4CBDAC14C48502E65BD74544C25DEAC2B7F0D4E1E6CC9F18187987500954BBB0DF9D9FAC481
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    URL:https://td.doubleclick.net/td/rul/858128210?random=1731360323996&cv=11&fst=1731360323996&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4b70v9103256652za200zb898645365&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102077855&u_w=1280&u_h=1024&url=https%3A%2F%2Fpcapp.store%2F%3Fp%3Dlpd_installing_r2%26guid%3D2ED92742-89DC-DD72-92E8-869FA5A66493%26_fcid%3D1731354202975821%26_winver%3D19045%26version%3Dfa.1092c&hn=www.googleadservices.com&frm=0&tiba=APP%20STORE%3A%20Installing&npa=0&pscdl=noapi&auid=1387167454.1731360324&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config
                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                    File Type:HTML document, ASCII text, with very long lines (22155), with no line terminators
                                                                                                                                                                                                                                                                                    Category:downloaded
                                                                                                                                                                                                                                                                                    Size (bytes):22155
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.5482191083061645
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:384:yomgj20cErc+LcgjcGmct7c8ucB1cQNc1Nc2+0FO8r0/5r/sL/Uj/gm/F7/Nu/y1:bcUc2c0c/cNclcHcicDc3KtY/p/M/I/Z
                                                                                                                                                                                                                                                                                    MD5:83E79D6084FE01D7E10E9F54BE3BE496
                                                                                                                                                                                                                                                                                    SHA1:12D14ED81A34DCE362A9982B67D879714D3E8199
                                                                                                                                                                                                                                                                                    SHA-256:A333F179CEF35D8AC1CDE25CB2A412E9D3C2E499F12FF1D91757830C5606D8A9
                                                                                                                                                                                                                                                                                    SHA-512:2D451B13735CF2949BF0DC38F3E5F6BEFFAD86453C4D808DAEA5C9FCF1F4BBA56FFDD4472458F06441CB05C8FBA0830FE1FA753F0612CAA43D802B228BBDCE0F
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    URL:https://td.doubleclick.net/td/rul/858128210?random=1731360324075&cv=11&fst=1731360324075&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4b70v9103256652za200zb898645365&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102077855&u_w=1280&u_h=1024&url=https%3A%2F%2Fpcapp.store%2F%3Fp%3Dlpd_installing_r2%26guid%3D2ED92742-89DC-DD72-92E8-869FA5A66493%26_fcid%3D1731354202975821%26_winver%3D19045%26version%3Dfa.1092c&hn=www.googleadservices.com&frm=0&tiba=APP%20STORE%3A%20Installing&npa=0&pscdl=noapi&auid=1387167454.1731360324&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dpage_view
                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                    File Type:ASCII text
                                                                                                                                                                                                                                                                                    Category:downloaded
                                                                                                                                                                                                                                                                                    Size (bytes):2499
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.4636477793325495
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:48:ejO4aAujO4aFuFZjjO4aNjO4a73rjO4awNjO4aQJc+uXjO4aWN0xD:aO4aAqO4aEFZHO4adO4a73vO4aoO4aQt
                                                                                                                                                                                                                                                                                    MD5:382991778933FB8F5697DEB2EE26A0ED
                                                                                                                                                                                                                                                                                    SHA1:6CDED0C76F01EA3C3C6DB8128B5CF59063A92C78
                                                                                                                                                                                                                                                                                    SHA-256:0919FF36779EEF85FA50AF4B94FB2D496A765612B7C5EDD31BA69EA1F4136736
                                                                                                                                                                                                                                                                                    SHA-512:FC05BAFD9EB747B7060B8C730E8A467CFD0A0311622B325E5EB74A1083D3A7B8897396CF4FE310E7567EAA1B5A951AB3906F57E57671F2852A18ED1AD0E7E2C9
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    URL:https://fonts.googleapis.com/css2?family=Inter:wght@100..900&display=swap
                                                                                                                                                                                                                                                                                    Preview:/* cyrillic-ext */.@font-face {. font-family: 'Inter';. font-style: normal;. font-weight: 100 900;. font-display: swap;. src: url(https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa2JL7SUc.woff2) format('woff2');. unicode-range: U+0460-052F, U+1C80-1C8A, U+20B4, U+2DE0-2DFF, U+A640-A69F, U+FE2E-FE2F;.}./* cyrillic */.@font-face {. font-family: 'Inter';. font-style: normal;. font-weight: 100 900;. font-display: swap;. src: url(https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa0ZL7SUc.woff2) format('woff2');. unicode-range: U+0301, U+0400-045F, U+0490-0491, U+04B0-04B1, U+2116;.}./* greek-ext */.@font-face {. font-family: 'Inter';. font-style: normal;. font-weight: 100 900;. font-display: swap;. src: url(https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa2ZL7SUc.woff2) format('woff2');. unicode-range: U+1F00-1FFF;.}./* greek */.@font-face {. font-family: 'Inter';. font-style: normal;. font-weight: 100 900;. f
                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                    File Type:ASCII text, with very long lines (14408)
                                                                                                                                                                                                                                                                                    Category:dropped
                                                                                                                                                                                                                                                                                    Size (bytes):440758
                                                                                                                                                                                                                                                                                    Entropy (8bit):5.628075728404025
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:6144:N4w5GFjJBa34ZtOxMVDMtLevwWY7UstYpg+oPvkOsWm7c:GwEFjJsMEeVoev8Wpc
                                                                                                                                                                                                                                                                                    MD5:AB8B91FC18A78C3CEC670EEE5B49FDF5
                                                                                                                                                                                                                                                                                    SHA1:4A1A36E6000C8CC3866BF9EFD59BAE88D50CADCB
                                                                                                                                                                                                                                                                                    SHA-256:5968310865C4FD4E419DD9754C6D5F5E8AB33115493D652FD4EE18EAEC6E1CA8
                                                                                                                                                                                                                                                                                    SHA-512:2436AC3BE345100CF478118FBAB1C047964DF7286520FA71DCD1C6A009B8FC312F74C8CDDF91F45F37FB1206EB2F21239F45495C548EBC052BF41973809C9FD2
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    Preview:.// Copyright 2012 Google Inc. All rights reserved.. .(function(){..var data = {."resource": {. "version":"3",. . "macros":[{"function":"__e"},{"function":"__c","vtp_value":""},{"function":"__c","vtp_value":0}],. "tags":[{"function":"__ogt_cross_domain","priority":39,"vtp_rules":["list","pcapp\\.store","pcappstore\\.download"],"tag_id":11},{"function":"__ogt_ga_send","priority":29,"vtp_value":true,"tag_id":13},{"function":"__ogt_referral_exclusion","priority":29,"vtp_includeConditions":["list","veryfast\\.io"],"tag_id":14},{"function":"__ogt_session_timeout","priority":29,"vtp_sessionMinutes":30,"vtp_sessionHours":0,"tag_id":15},{"function":"__ogt_1p_data_v2","priority":29,"vtp_isAutoEnabled":true,"vtp_autoCollectExclusionSelectors":["list",["map","exclusionSelector",""]],"vtp_isEnabled":true,"vtp_cityType":"CSS_SELECTOR","vtp_manualEmailEnabled":false,"vtp_firstNameType":"CSS_SELECTOR","vtp_countryType":"CSS_SELECTOR","vtp_cityValue":"","vtp_emailType":"CSS_SELECTOR","vtp_regionTy
                                                                                                                                                                                                                                                                                    Process:C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                    File Type:SVG Scalable Vector Graphics image
                                                                                                                                                                                                                                                                                    Category:downloaded
                                                                                                                                                                                                                                                                                    Size (bytes):2118
                                                                                                                                                                                                                                                                                    Entropy (8bit):4.907323279161229
                                                                                                                                                                                                                                                                                    Encrypted:false
                                                                                                                                                                                                                                                                                    SSDEEP:48:P8LlLU20REEalwVtWMhiiA379OC0WGKwKNHOLRcVIK0:ULtU2A8lwVtW+3ALKczI5
                                                                                                                                                                                                                                                                                    MD5:1039640CF0666A1621D55C9E9FA81439
                                                                                                                                                                                                                                                                                    SHA1:A7E6A6AB233DAE1776506F2E6C7FD03E46E83EA9
                                                                                                                                                                                                                                                                                    SHA-256:4455C2A26901C4D348E194B06B06908C155E6459CF5987984D03848E30964F0C
                                                                                                                                                                                                                                                                                    SHA-512:F9324B6C58C51DC3F24BD242EADA7E5565B60E12863EC13F28D883028791AEC7EC5E324298FA0427AD1CD45BDD7260FF0295DC171F24DD0AC3F0203FB6CD0706
                                                                                                                                                                                                                                                                                    Malicious:false
                                                                                                                                                                                                                                                                                    URL:https://repository.pcapp.store/pcapp/images/front_img/lp/lpd_installing_r2/img/done_windows_icon.svg
                                                                                                                                                                                                                                                                                    File type:PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
                                                                                                                                                                                                                                                                                    Entropy (8bit):7.612750766601589
                                                                                                                                                                                                                                                                                    TrID:
                                                                                                                                                                                                                                                                                    • Win32 Executable (generic) a (10002005/4) 99.96%
                                                                                                                                                                                                                                                                                    • Generic Win/DOS Executable (2004/3) 0.02%
                                                                                                                                                                                                                                                                                    • DOS Executable Generic (2002/1) 0.02%
                                                                                                                                                                                                                                                                                    • Autodesk FLIC Image File (extensions: flc, fli, cel) (7/3) 0.00%
                                                                                                                                                                                                                                                                                    File name:Setup.exe
                                                                                                                                                                                                                                                                                    File size:190'056 bytes
                                                                                                                                                                                                                                                                                    MD5:92c35fbe82bf7e416805c9286746ac4d
                                                                                                                                                                                                                                                                                    SHA1:c02243fb0053a5ba2eb71d8ccfe81553c3b4f191
                                                                                                                                                                                                                                                                                    SHA256:1ae950affe325dddd05586f66c1a4edd5133ffd13a8017759f8992ac27472e69
                                                                                                                                                                                                                                                                                    SHA512:2a4ab552ae0bd207534a49aba1beae280a9f0c6d49ca5b771f5357cf849b4bc54ca43ada85c646cc2dd06462dc01b298200f1dad59c0b7dac777bfdadbd0fc15
                                                                                                                                                                                                                                                                                    SSDEEP:3072:UbG7N2kDTHUpouL4Ynd86Pzy5n+/mGCK8izuG2okB2h4l591BBgkXmUa:UbE/HUzRe6ry5nmQiiGz4z9TJXra
                                                                                                                                                                                                                                                                                    TLSH:4704F15056E0C862D8A28B71B5797F7B8AB5DC2192B05F8313107B187E7DE819F0E3A3
                                                                                                                                                                                                                                                                                    Icon Hash:45d44c7192498005
                                                                                                                                                                                                                                                                                    Entrypoint:0x40352d
                                                                                                                                                                                                                                                                                    Entrypoint Section:.text
                                                                                                                                                                                                                                                                                    Digitally signed:true
                                                                                                                                                                                                                                                                                    Imagebase:0x400000
                                                                                                                                                                                                                                                                                    Subsystem:windows gui
Image File Characteristics:RELOCS_STRIPPED, EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE
DLL Characteristics:DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE
Time Stamp:0x614F9B5A [Sat Sep 25 21:57:46 2021 UTC]
TLS Callbacks:
CLR (.Net) Version:
OS Version Major:4
OS Version Minor:0
File Version Major:4
File Version Minor:0
Subsystem Version Major:4
Subsystem Version Minor:0
Import Hash:56a78d55f3f7af51443e58e0ce2fb5f6
Signature Valid:true
Signature Issuer:CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1, O="DigiCert, Inc.", C=US
Signature Validation Error:The operation completed successfully
Error Number:0
Not Before:08/05/2024 02:00:00
Not After:14/02/2025 00:59:59
Subject Chain
• CN=FAST CORPORATION LTD, O=FAST CORPORATION LTD, L=Ra'anana, C=IL, SERIALNUMBER=515636181, OID.2.5.4.15=Private Organization, OID.1.3.6.1.4.1.311.60.2.1.3=IL
Version:3
Thumbprint MD5:04786BD703B906E22AECB2AD38CE4D94
Thumbprint SHA-1:07BE42727905BE32C822A638502C1B8FAAE6540A
Thumbprint SHA-256:FDB017BB88E5D453E22A73810690C72534F58EFB109EA0D4494EC393F2307DBC
Serial:0E5C655E1CBE9A8879372F58A5BC0302
Instruction
push ebp
mov ebp, esp
sub esp, 000003F4h
push ebx
push esi
push edi
push 00000020h
pop edi
xor ebx, ebx
push 00008001h
mov dword ptr [ebp-14h], ebx
mov dword ptr [ebp-04h], 0040A2E0h
mov dword ptr [ebp-10h], ebx
call dword ptr [004080CCh]
mov esi, dword ptr [004080D0h]
lea eax, dword ptr [ebp-00000140h]
push eax
mov dword ptr [ebp-0000012Ch], ebx
mov dword ptr [ebp-2Ch], ebx
mov dword ptr [ebp-28h], ebx
mov dword ptr [ebp-00000140h], 0000011Ch
call esi
test eax, eax
jne 00007FCDCC6E11EAh
lea eax, dword ptr [ebp-00000140h]
mov dword ptr [ebp-00000140h], 00000114h
push eax
call esi
mov ax, word ptr [ebp-0000012Ch]
mov ecx, dword ptr [ebp-00000112h]
sub ax, 00000053h
add ecx, FFFFFFD0h
neg ax
sbb eax, eax
mov byte ptr [ebp-26h], 00000004h
not eax
and eax, ecx
mov word ptr [ebp-2Ch], ax
cmp dword ptr [ebp-0000013Ch], 0Ah
jnc 00007FCDCC6E11BAh
and word ptr [ebp-00000132h], 0000h
mov eax, dword ptr [ebp-00000134h]
movzx ecx, byte ptr [ebp-00000138h]
mov dword ptr [00434FB8h], eax
xor eax, eax
mov ah, byte ptr [ebp-0000013Ch]
movzx eax, ax
or eax, ecx
xor ecx, ecx
mov ch, byte ptr [ebp-2Ch]
movzx ecx, cx
shl eax, 10h
or eax, ecx
Programming Language:
• [EXP] VC++ 6.0 SP5 build 8804
| Name | Virtual Address | Virtual Size | Is in Section |
|---|---|---|---|
| IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_IMPORT | 0x8610 | 0xa0 | .rdata |
| IMAGE_DIRECTORY_ENTRY_RESOURCE | 0x6c000 | 0x4f40 | .rsrc |
| IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_SECURITY | 0x2bd00 | 0x2968 | .data |
| IMAGE_DIRECTORY_ENTRY_BASERELOC | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_DEBUG | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_TLS | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_IAT | 0x8000 | 0x2b0 | .rdata |
| IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 | |
| Name | Virtual Address | Virtual Size | Raw Size | MD5 | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
|---|---|---|---|---|---|---|---|---|---|
| .text | 0x1000 | 0x6897 | 0x6a00 | ce9df19df15aa7bfbc0a8d0af0b841d0 | False | 0.6661261792452831 | data | 6.458398214928006 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
| .rdata | 0x8000 | 0x14a6 | 0x1600 | a118375c929d970903c1204233b7583d | False | 0.4392755681818182 | data | 5.024109281264143 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
| .data | 0xa000 | 0x2b018 | 0x600 | 82a10c59a8679bb952fc8316070b8a6c | False | 0.521484375 | data | 4.15458210408643 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
| .ndata | 0x36000 | 0x36000 | 0x0 | d41d8cd98f00b204e9800998ecf8427e | False | 0 | empty | 0.0 | IMAGE_SCN_CNT_UNINITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
| .rsrc | 0x6c000 | 0x4f40 | 0x5000 | 6147c56de0951034d77b52b0075b790f | False | 0.1015625 | data | 2.760740823683962 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
| Name | RVA | Size | Type | Language | Country | ZLIB Complexity |
|---|---|---|---|---|---|---|
| RT_ICON | 0x6c208 | 0x4228 | Device independent bitmap graphic, 64 x 128 x 32, image size 16384, resolution 2834 x 2834 px/m | English | United States | 0.036372224846480866 |
| RT_DIALOG | 0x70430 | 0x202 | data | English | United States | 0.4085603112840467 |
| RT_DIALOG | 0x70638 | 0xf8 | data | English | United States | 0.6290322580645161 |
| RT_DIALOG | 0x70730 | 0xa0 | data | English | United States | 0.60625 |
| RT_DIALOG | 0x707d0 | 0xee | data | English | United States | 0.6302521008403361 |
| RT_GROUP_ICON | 0x708c0 | 0x14 | data | English | United States | 1.1 |
| RT_VERSION | 0x708d8 | 0x240 | data | English | United States | 0.4895833333333333 |
| RT_MANIFEST | 0x70b18 | 0x423 | XML 1.0 document, ASCII text, with very long lines (1059), with no line terminators | English | United States | 0.5127478753541076 |
DLL | Import
ADVAPI32.dll | RegCreateKeyExW, RegEnumKeyW, RegQueryValueExW, RegSetValueExW, RegCloseKey, RegDeleteValueW, RegDeleteKeyW, AdjustTokenPrivileges, LookupPrivilegeValueW, OpenProcessToken, SetFileSecurityW, RegOpenKeyExW, RegEnumValueW
SHELL32.dll | SHGetSpecialFolderLocation, SHFileOperationW, SHBrowseForFolderW, SHGetPathFromIDListW, ShellExecuteExW, SHGetFileInfoW
ole32.dll | OleInitialize, OleUninitialize, CoCreateInstance, IIDFromString, CoTaskMemFree
COMCTL32.dll | ImageList_Create, ImageList_Destroy, ImageList_AddMasked
USER32.dll | GetClientRect, EndPaint, DrawTextW, IsWindowEnabled, DispatchMessageW, wsprintfA, CharNextA, CharPrevW, MessageBoxIndirectW, GetDlgItemTextW, SetDlgItemTextW, GetSystemMetrics, FillRect, AppendMenuW, TrackPopupMenu, OpenClipboard, SetClipboardData, CloseClipboard, IsWindowVisible, CallWindowProcW, GetMessagePos, CheckDlgButton, LoadCursorW, SetCursor, GetSysColor, SetWindowPos, GetWindowLongW, PeekMessageW, SetClassLongW, GetSystemMenu, EnableMenuItem, GetWindowRect, ScreenToClient, EndDialog, RegisterClassW, SystemParametersInfoW, CreateWindowExW, GetClassInfoW, DialogBoxParamW, CharNextW, ExitWindowsEx, DestroyWindow, CreateDialogParamW, SetTimer, SetWindowTextW, PostQuitMessage, SetForegroundWindow, ShowWindow, wsprintfW, SendMessageTimeoutW, FindWindowExW, IsWindow, GetDlgItem, SetWindowLongW, LoadImageW, GetDC, ReleaseDC, EnableWindow, InvalidateRect, SendMessageW, DefWindowProcW, BeginPaint, EmptyClipboard, CreatePopupMenu
GDI32.dll | SetBkMode, SetBkColor, GetDeviceCaps, CreateFontIndirectW, CreateBrushIndirect, DeleteObject, SetTextColor, SelectObject
KERNEL32.dll | GetExitCodeProcess, WaitForSingleObject, GetModuleHandleA, GetProcAddress, GetSystemDirectoryW, lstrcatW, Sleep, lstrcpyA, WriteFile, GetTempFileNameW, CreateFileW, lstrcmpiA, RemoveDirectoryW, CreateProcessW, CreateDirectoryW, GetLastError, CreateThread, GlobalLock, GlobalUnlock, GetDiskFreeSpaceW, WideCharToMultiByte, lstrcpynW, lstrlenW, SetErrorMode, GetVersionExW, GetCommandLineW, GetTempPathW, GetWindowsDirectoryW, SetEnvironmentVariableW, CopyFileW, ExitProcess, GetCurrentProcess, GetModuleFileNameW, GetFileSize, GetTickCount, MulDiv, SetFileAttributesW, GetFileAttributesW, SetCurrentDirectoryW, MoveFileW, GetFullPathNameW, GetShortPathNameW, SearchPathW, CompareFileTime, SetFileTime, CloseHandle, lstrcmpiW, lstrcmpW, ExpandEnvironmentStringsW, GlobalFree, GlobalAlloc, GetModuleHandleW, LoadLibraryExW, MoveFileExW, FreeLibrary, WritePrivateProfileStringW, GetPrivateProfileStringW, lstrlenA, MultiByteToWideChar, ReadFile, SetFilePointer, FindClose, FindNextFileW, FindFirstFileW, DeleteFileW
Language of compilation system | Country where language is spoken
English | United States
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:22.256189108 CET1.1.1.1192.168.2.50xbabdNo error (0)1715720427.rsc.cdn77.org37.19.194.81A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:22.256189108 CET1.1.1.1192.168.2.50xbabdNo error (0)1715720427.rsc.cdn77.org212.102.56.178A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:22.256189108 CET1.1.1.1192.168.2.50xbabdNo error (0)1715720427.rsc.cdn77.org169.150.255.181A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:22.260555029 CET1.1.1.1192.168.2.50x2e59No error (0)repository.pcapp.store1715720427.rsc.cdn77.orgCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:22.286655903 CET1.1.1.1192.168.2.50x6db5No error (0)pcapp.store209.222.21.115A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:22.286655903 CET1.1.1.1192.168.2.50x6db5No error (0)pcapp.store159.223.126.41A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:22.286655903 CET1.1.1.1192.168.2.50x6db5No error (0)pcapp.store64.176.203.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:22.286655903 CET1.1.1.1192.168.2.50x6db5No error (0)pcapp.store167.99.235.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:22.286655903 CET1.1.1.1192.168.2.50x6db5No error (0)pcapp.store45.32.1.23A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:22.286655903 CET1.1.1.1192.168.2.50x6db5No error (0)pcapp.store207.246.91.177A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:22.286655903 CET1.1.1.1192.168.2.50x6db5No error (0)pcapp.store104.248.126.225A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:23.110742092 CET1.1.1.1192.168.2.50xda70No error (0)analytics.google.com142.250.185.78A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:23.110769033 CET1.1.1.1192.168.2.50xe4cfNo error (0)analytics.google.comanalytics-alv.google.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:23.111630917 CET1.1.1.1192.168.2.50xb2a5No error (0)stats.g.doubleclick.net66.102.1.154A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:23.111630917 CET1.1.1.1192.168.2.50xb2a5No error (0)stats.g.doubleclick.net66.102.1.157A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:23.111630917 CET1.1.1.1192.168.2.50xb2a5No error (0)stats.g.doubleclick.net66.102.1.156A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:23.111630917 CET1.1.1.1192.168.2.50xb2a5No error (0)stats.g.doubleclick.net66.102.1.155A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:23.149213076 CET1.1.1.1192.168.2.50x6013No error (0)td.doubleclick.net142.250.185.226A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:23.180497885 CET1.1.1.1192.168.2.50xa13eNo error (0)repository.pcapp.store1715720427.rsc.cdn77.orgCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:23.187488079 CET1.1.1.1192.168.2.50x8ddbNo error (0)repository.pcapp.store1715720427.rsc.cdn77.orgCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:23.187488079 CET1.1.1.1192.168.2.50x8ddbNo error (0)1715720427.rsc.cdn77.org207.211.211.27A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:23.187488079 CET1.1.1.1192.168.2.50x8ddbNo error (0)1715720427.rsc.cdn77.org169.150.255.184A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:23.187488079 CET1.1.1.1192.168.2.50x8ddbNo error (0)1715720427.rsc.cdn77.org195.181.175.40A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:23.187488079 CET1.1.1.1192.168.2.50x8ddbNo error (0)1715720427.rsc.cdn77.org37.19.194.81A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:23.187488079 CET1.1.1.1192.168.2.50x8ddbNo error (0)1715720427.rsc.cdn77.org169.150.255.180A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:23.187488079 CET1.1.1.1192.168.2.50x8ddbNo error (0)1715720427.rsc.cdn77.org212.102.56.179A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:23.187488079 CET1.1.1.1192.168.2.50x8ddbNo error (0)1715720427.rsc.cdn77.org195.181.170.18A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:24.677743912 CET1.1.1.1192.168.2.50x6f4bNo error (0)www.google.com142.250.185.132A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:24.677758932 CET1.1.1.1192.168.2.50x7a9eNo error (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:24.677769899 CET1.1.1.1192.168.2.50x7b28No error (0)www.google.com172.217.18.100A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:24.677779913 CET1.1.1.1192.168.2.50x6056No error (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:24.680985928 CET1.1.1.1192.168.2.50xfffcNo error (0)google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:24.680999994 CET1.1.1.1192.168.2.50x4adaNo error (0)google.com142.250.185.110A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:24.839456081 CET1.1.1.1192.168.2.50x8bf3No error (0)googleads.g.doubleclick.net142.250.185.194A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:24.839512110 CET1.1.1.1192.168.2.50x5471No error (0)googleads.g.doubleclick.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:27.776106119 CET1.1.1.1192.168.2.50x7eeNo error (0)googleads.g.doubleclick.net142.250.181.226A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:27.776329994 CET1.1.1.1192.168.2.50x205dNo error (0)googleads.g.doubleclick.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:27.806040049 CET1.1.1.1192.168.2.50xdff4No error (0)www.google.com216.58.212.132A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:25:27.806054115 CET1.1.1.1192.168.2.50x2374No error (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:26:08.899724007 CET1.1.1.1192.168.2.50xe351No error (0)d74queuslupub.cloudfront.net18.239.94.39A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:26:08.899724007 CET1.1.1.1192.168.2.50xe351No error (0)d74queuslupub.cloudfront.net18.239.94.17A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:26:08.899724007 CET1.1.1.1192.168.2.50xe351No error (0)d74queuslupub.cloudfront.net18.239.94.126A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:26:08.899724007 CET1.1.1.1192.168.2.50xe351No error (0)d74queuslupub.cloudfront.net18.239.94.105A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:26:25.676126957 CET1.1.1.1192.168.2.50x48f0No error (0)pcapp.store104.248.126.225A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:26:25.676126957 CET1.1.1.1192.168.2.50x48f0No error (0)pcapp.store167.99.235.203A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:26:25.676126957 CET1.1.1.1192.168.2.50x48f0No error (0)pcapp.store159.223.126.41A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:26:25.676126957 CET1.1.1.1192.168.2.50x48f0No error (0)pcapp.store207.246.91.177A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:26:25.676126957 CET1.1.1.1192.168.2.50x48f0No error (0)pcapp.store45.32.1.23A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:26:25.676126957 CET1.1.1.1192.168.2.50x48f0No error (0)pcapp.store209.222.21.115A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:26:25.676126957 CET1.1.1.1192.168.2.50x48f0No error (0)pcapp.store64.176.203.93A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:26:28.583070993 CET1.1.1.1192.168.2.50x3332No error (0)www.google.com142.250.184.228A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:26:28.583141088 CET1.1.1.1192.168.2.50x4003No error (0)www.google.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:26:29.590586901 CET1.1.1.1192.168.2.50x3df6No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:26:29.590586901 CET1.1.1.1192.168.2.50x3df6No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:26:29.590759993 CET1.1.1.1192.168.2.50xbc17No error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:26:29.591057062 CET1.1.1.1192.168.2.50xeab0No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:26:29.591057062 CET1.1.1.1192.168.2.50xeab0No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:26:29.592217922 CET1.1.1.1192.168.2.50x4d7dNo error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:26:33.392848015 CET1.1.1.1192.168.2.50x1a0eNo error (0)d74queuslupub.cloudfront.net18.173.205.91A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:26:33.392848015 CET1.1.1.1192.168.2.50x1a0eNo error (0)d74queuslupub.cloudfront.net18.173.205.24A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:26:33.392848015 CET1.1.1.1192.168.2.50x1a0eNo error (0)d74queuslupub.cloudfront.net18.173.205.111A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:26:33.392848015 CET1.1.1.1192.168.2.50x1a0eNo error (0)d74queuslupub.cloudfront.net18.173.205.117A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                    Nov 11, 2024 22:26:34.819284916 CET1.1.1.1192.168.2.50x84a4No error (0)ev.pcapp.store147.182.211.77A (IP address)IN (0x0001)false
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
0 | 192.168.2.5 | 57563 | 167.99.235.203 | 80 | 7972 | C:\Users\user\PCAppStore\PcAppStore.exe

Timestamp | Bytes transferred | Direction | Data
Nov 11, 2024 22:26:33.289736032 CET | 196 | OUT | GET /notify_app_v2.php?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&lastid=0&lasttime=0&end_v=fa.1092c&nocache=5655328 HTTP/1.1
Connection: Keep-Alive
User-Agent: WinHTTP 1.0
Host: pcapp.store
Nov 11, 2024 22:26:33.704674959 CET | 524 | IN | HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 11 Nov 2024 21:26:33 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://pcapp.store/notify_app_v2.php?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&lastid=0&lasttime=0&end_v=fa.1092c&nocache=5655328
Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                    Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>


Session ID  Source IP    Source Port  Destination IP  Destination Port  PID   Process
0           192.168.2.5  49706        167.99.235.203  443               3688  C:\Users\user\Desktop\Setup.exe
Timestamp  Bytes transferred  Direction  Data
2024-11-11 21:25:15 UTC  260  OUT  POST /inst_cpg.php?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&_fcid=1731354202975821&version=fa.1092c&src=pcapp_mini&uc=16le HTTP/1.1
                                                                                                                                                                                                                                                                                    Content-Type: application/json
                                                                                                                                                                                                                                                                                    User-Agent: NSIS_wininet
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Content-Length: 4668
                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
2024-11-11 21:25:15 UTC  4668  OUT
                                                                                                                                                                                                                                                                                    Data Ascii: {"system_stats":{"os_name":"Microsoft+Windows+10+Pro","os_installdate":"20231003105718%2E000000%2B120","os_processes":"110","os_
2024-11-11 21:25:15 UTC  509  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:15 GMT
                                                                                                                                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:25:15 UTC  229  IN
                                                                                                                                                                                                                                                                                    Data Ascii: da{"cpg":"default","inst_excl":null,"inst_addon":{"eula":"skipped"},"inst_advanced":{"path":"1","startup":"1"}}0


Session ID  Source IP    Source Port  Destination IP  Destination Port  PID   Process
1           192.168.2.5  49707        167.99.235.203  443               3688  C:\Users\user\Desktop\Setup.exe
Timestamp  Bytes transferred  Direction  Data
2024-11-11 21:25:16 UTC  264  OUT  GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_mini_installer&evt_action=show_page&p=wel&_fcid=1731354202975821 HTTP/1.1
                                                                                                                                                                                                                                                                                    User-Agent: NSIS_Inetc (Mozilla)
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
2024-11-11 21:25:16 UTC  302  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:16 GMT
                                                                                                                                                                                                                                                                                    Content-Type: image/gif
                                                                                                                                                                                                                                                                                    Content-Length: 42
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:25:16 UTC  42  IN  Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                    Data Ascii: GIF89a!,D;


Session ID  Source IP    Source Port  Destination IP  Destination Port  PID   Process
2           192.168.2.5  49708        167.99.235.203  443               3688  C:\Users\user\Desktop\Setup.exe
Timestamp  Bytes transferred  Direction  Data
2024-11-11 21:25:18 UTC  271  OUT  GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_mini_installer&evt_action=show_page&p=installing&_fcid=1731354202975821 HTTP/1.1
                                                                                                                                                                                                                                                                                    User-Agent: NSIS_Inetc (Mozilla)
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
2024-11-11 21:25:18 UTC  302  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:18 GMT
                                                                                                                                                                                                                                                                                    Content-Type: image/gif
                                                                                                                                                                                                                                                                                    Content-Length: 42
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:25:18 UTC  42  IN  Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                    Data Ascii: GIF89a!,D;


Session ID  Source IP    Source Port  Destination IP  Destination Port  PID   Process
3           192.168.2.5  49709        167.99.235.203  443               3688  C:\Users\user\Desktop\Setup.exe
Timestamp  Bytes transferred  Direction  Data
2024-11-11 21:25:19 UTC  265  OUT  GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_mini_installer&evt_action=start&permision=&_fcid=1731354202975821 HTTP/1.1
                                                                                                                                                                                                                                                                                    User-Agent: NSIS_Inetc (Mozilla)
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
2024-11-11 21:25:19 UTC  302  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:19 GMT
                                                                                                                                                                                                                                                                                    Content-Type: image/gif
                                                                                                                                                                                                                                                                                    Content-Length: 42
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:25:19 UTC  42  IN  Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                    Data Ascii: GIF89a!,D;


Session ID  Source IP    Source Port  Destination IP  Destination Port  PID   Process
4           192.168.2.5  49714        167.99.235.203  443               3688  C:\Users\user\Desktop\Setup.exe
Timestamp  Bytes transferred  Direction  Data
2024-11-11 21:25:20 UTC  263  OUT  GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_mini_installer&evt_action=download_start&_fcid=1731354202975821 HTTP/1.1
                                                                                                                                                                                                                                                                                    User-Agent: NSIS_Inetc (Mozilla)
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:20 UTC302INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:20 GMT
                                                                                                                                                                                                                                                                                    Content-Type: image/gif
                                                                                                                                                                                                                                                                                    Content-Length: 42
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:20 UTC42INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                    Data Ascii: GIF89a!,D;


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
5 | 192.168.2.5 | 49717 | 167.99.235.203 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:20 UTC | 790 | OUT | GET /installing.php?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&winver=19045&version=fa.1092c&nocache=20241111162518.134&_fcid=1731354202975821 HTTP/1.1
Host: pcapp.store
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
2024-11-11 21:25:21 UTC | 645 | IN | HTTP/1.1 307 Temporary Redirect
Server: nginx
Date: Mon, 11 Nov 2024 21:25:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Pragma: no-cache
Location: https://pcapp.store/?p=lpd_installing_r2&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&_fcid=1731354202975821&_winver=19045&version=fa.1092c
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:25:21 UTC | 5 | IN | Data Raw: 30 0d 0a 0d 0a
Data Ascii: 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
6 | 192.168.2.5 | 49719 | 37.19.194.80 | 443 | 3688 | C:\Users\user\Desktop\Setup.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:21 UTC | 186 | OUT | GET /download.php?&src=mini_installer&file=1&mini_ver=fa.1092c HTTP/1.1
User-Agent: NSIS_Inetc (Mozilla)
Host: delivery.pcapp.store
Connection: Keep-Alive
Cache-Control: no-cache
2024-11-11 21:25:21 UTC | 809 | IN | HTTP/1.1 200 OK
Date: Mon, 11 Nov 2024 21:25:21 GMT
Content-Type: application/octet-stream
Content-Length: 93386616
Connection: close
Content-Description: File Transfer
Content-Disposition: attachment; filename="Setup.exe"
Expires: Mon, 11 Nov 2024 21:34:29 GMT
Cache-Control: max-age=900
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-77-NZT: EgwBJRPCTwGzVwIAAAwBnJIhHwG3YAEAAA
X-77-NZT-Ray: 0d1fa5185364b08f417632677e445b16
X-77-Cache: HIT
X-77-Age: 352
Server: CDN77-Turbo
X-77-POP: frankfurtDE
Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Data Ascii: u({=~W2f-']#._nH.Zmx.Ln*L`QC"8Eq'am+Yn]Q=WbD +gMAEL$/W0.D$u}AE.Ioy'JLU Ff=jk.ln5NRFlO
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:21 UTC16384INData Raw: 62 3a 99 08 b3 89 06 f6 0a 54 6e 63 02 dd ae 9c a2 eb ec f4 4f 21 5e 52 91 6e cb 9b 42 42 aa ac b6 83 99 a4 9b e0 bd 29 4c 91 20 bc 0e 1d b4 e4 34 3b b8 88 0a 43 4a ab fc 70 4f 26 4c 50 87 aa 64 5c d7 54 91 63 d3 4e 1c e8 7b b4 53 25 7d 7b c0 1a 75 12 86 52 a5 ac f5 46 91 db ca f8 4c da 28 c7 c5 81 81 87 9b ee 04 56 81 64 21 36 1c ef 65 89 d4 67 03 6c ee dc 03 38 a7 6f 0c 82 d7 e7 00 6c 78 9e 2a 6b 19 57 44 56 8c 83 d6 f1 3c 7e 2a 2a e0 2a 10 8c 9b e8 29 60 ab 49 28 30 89 2e 52 f3 a1 dc a7 be 90 04 6c 0f 83 1d b6 e0 67 63 36 d9 fd 66 ae 47 68 a1 b1 92 23 5f 3a 06 47 4f 0b 1a 4b d0 55 2b 71 49 85 39 e0 55 33 27 df b5 cb 57 4c f5 20 06 ab 71 92 fa b9 98 4d 41 9c f9 e1 43 a3 c4 b2 f0 3d 79 3a 30 72 a4 d0 0a 88 74 14 f4 25 53 50 d7 6d a0 de 33 f4 fa 7e 9d cd
                                                                                                                                                                                                                                                                                    Data Ascii: b:TncO!^RnBB)L 4;CJpO&LPd\TcN{S%}{uRFL(Vd!6egl8olx*kWDV<~***)`I(0.Rlgc6fGh#_:GOKU+qI9U3'WL qMAC=y:0rt%SPm3~
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:21 UTC16384INData Raw: fd 50 b3 87 92 0c 71 fe d1 5f a7 82 4d 38 5f 97 f3 e6 00 7e 55 96 b5 b2 ce 31 1e 04 55 91 69 bf b5 e6 cb 8f bd 2c c5 fe 6b dd 26 4d b2 c7 8b 89 a9 44 28 65 0d 30 7c df ad f0 1c 2e e7 01 0e 1c 6d ce 01 ac e8 d9 51 6d 8d 0d 49 04 8b 55 97 10 5b f6 55 53 d4 60 21 34 ee 4c a6 a5 e7 d1 2f e9 ec 14 5f 71 7c f7 0c cf 9c eb 4c 64 5d 08 28 63 0e 96 2a 80 b5 62 65 f1 b9 43 eb b4 f5 b1 50 36 a6 fb 82 8d 5e 02 bb 66 c0 b5 85 32 32 bc 61 45 72 c5 f0 bd e0 24 b1 b6 58 81 60 ee fb ca be 32 df 5e f0 ca c2 b3 1e c1 c7 27 26 02 d4 8f c7 dd 9e 44 50 d0 01 28 10 67 81 77 f8 e5 e8 07 39 54 ef 74 cc c7 b9 93 84 cb 07 a7 f7 a4 40 97 bc 1b 34 20 64 27 ef a4 da a2 35 7d 29 d8 a0 5e 69 10 d6 4b fa 98 e9 94 ef 18 c3 79 68 f8 d3 59 b0 d0 e7 e7 d6 60 12 13 13 85 9f d0 19 09 30 f6 09
                                                                                                                                                                                                                                                                                    Data Ascii: Pq_M8_~U1Ui,k&MD(e0|.mQmIU[US`!4L/_q|Ld](c*beCP6^f22aEr$X`2^'&DP(gw9Tt@4 d'5})^iKyhY`0


Session ID | Source IP | Source Port | Destination IP | Destination Port
7 | 192.168.2.5 | 49720 | 13.107.246.45 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:21 UTC | 195 | OUT | GET /rules/other-Win32-v19.bundle HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
Host: otelrules.azureedge.net
2024-11-11 21:25:21 UTC | 471 | IN | HTTP/1.1 200 OK
Date: Mon, 11 Nov 2024 21:25:21 GMT
Content-Type: text/plain
Content-Length: 218853
Connection: close
Vary: Accept-Encoding
Cache-Control: public
Last-Modified: Sat, 09 Nov 2024 18:56:51 GMT
ETag: "0x8DD00F04568BDCF"
x-ms-request-id: a2ad2bd1-f01e-0096-27d5-3310ef000000
x-ms-version: 2018-03-28
x-azure-ref: 20241111T212521Z-174f7845968v79b7hC1EWRu01s000000052000000000hsra
x-fd-int-roxy-purgeid: 0
X-Cache: TCP_HIT
Accept-Ranges: bytes


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
8 | 192.168.2.5 | 49723 | 167.99.235.203 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:21 UTC | 770 | OUT | GET /?p=lpd_installing_r2&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&_fcid=1731354202975821&_winver=19045&version=fa.1092c HTTP/1.1
Host: pcapp.store
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:21 UTC585INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:21 GMT
                                                                                                                                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Set-Cookie: srcr=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:21 UTC15799INData Raw: 31 65 33 62 0d 0a 3c 21 44 4f 43 54 59 50 45 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 22 65 6e 22 3e 0a 20 20 3c 68 65 61 64 3e 0a 20 20 20 20 3c 6d 65 74 61 20 63 68 61 72 73 65 74 3d 22 55 54 46 2d 38 22 20 2f 3e 0a 20 20 20 20 3c 6d 65 74 61 20 6e 61 6d 65 3d 22 76 69 65 77 70 6f 72 74 22 20 63 6f 6e 74 65 6e 74 3d 22 77 69 64 74 68 3d 64 65 76 69 63 65 2d 77 69 64 74 68 2c 20 69 6e 69 74 69 61 6c 2d 73 63 61 6c 65 3d 31 2e 30 22 20 2f 3e 0a 20 20 20 20 3c 74 69 74 6c 65 3e 41 50 50 20 53 54 4f 52 45 3a 20 49 6e 73 74 61 6c 6c 69 6e 67 3c 2f 74 69 74 6c 65 3e 0a 20 20 20 20 3c 6c 69 6e 6b 20 72 65 6c 3d 22 69 63 6f 6e 22 20 68 72 65 66 3d 22 2f 6c 70 2f 61 70 70 73 74 6f 72 65 2f 69 6d 67 2f 66 61 76 69 63 6f 6e 2e 69 63 6f 22 20 2f 3e 0a
                                                                                                                                                                                                                                                                                    Data Ascii: 1e3b<!DOCTYPE html><html lang="en"> <head> <meta charset="UTF-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <title>APP STORE: Installing</title> <link rel="icon" href="/lp/appstore/img/favicon.ico" />
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:21 UTC12663INData Raw: 20 63 2e 73 75 62 73 74 72 69 6e 67 28 31 2c 20 63 2e 6c 65 6e 67 74 68 29 3b 0a 20 20 20 20 20 20 20 20 20 20 20 20 69 66 20 28 63 2e 69 6e 64 65 78 4f 66 28 6e 61 6d 65 45 51 29 20 3d 3d 20 30 29 0a 20 20 20 20 20 20 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 20 63 2e 73 75 62 73 74 72 69 6e 67 28 6e 61 6d 65 45 51 2e 6c 65 6e 67 74 68 2c 20 63 2e 6c 65 6e 67 74 68 29 3b 0a 20 20 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 20 20 20 20 72 65 74 75 72 6e 0d 0a 32 30 30 30 0d 0a 20 6e 75 6c 6c 3b 0a 20 20 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 7d 0a 20 20 20 20 20 20 0a 20 20 20 20 20 20 69 66 28 20 74 79 70 65 6f 66 28 6d 61 6b 65 50 6f 73 74 52 65 71 75 65 73 74 29 20 3d 3d 3d 20 27 75 6e 64 65 66 69 6e 65 64 27 29 20 7b 0a 20 20 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                    Data Ascii: c.substring(1, c.length); if (c.indexOf(nameEQ) == 0) return c.substring(nameEQ.length, c.length); } return2000 null; } } if( typeof(makePostRequest) === 'undefined') {


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
9 | 192.168.2.5 | 49725 | 167.99.235.203 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:22 UTC | 746 | OUT | GET /images/front_img/lp/lpd_installing_r2/img/done_windows_icon.svg HTTP/1.1
Host: pcapp.store
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://pcapp.store/?p=lpd_installing_r2&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&_fcid=1731354202975821&_winver=19045&version=fa.1092c
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
2024-11-11 21:25:22 UTC | 327 | IN | HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 11 Nov 2024 21:25:22 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://repository.pcapp.store/pcapp/images/front_img/lp/lpd_installing_r2/img/done_windows_icon.svg
Strict-Transport-Security: max-age=31536000; includeSubDomains
2024-11-11 21:25:22 UTC | 162 | IN | Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
10 | 192.168.2.5 | 49724 | 167.99.235.203 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:22 UTC | 634 | OUT | GET /src/main.js HTTP/1.1
Host: pcapp.store
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://pcapp.store/?p=lpd_installing_r2&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&_fcid=1731354202975821&_winver=19045&version=fa.1092c
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
2024-11-11 21:25:22 UTC | 362 | IN | HTTP/1.1 200 OK
Server: nginx
Date: Mon, 11 Nov 2024 21:25:22 GMT
Content-Type: application/javascript
Content-Length: 234
Connection: close
Vary: Accept-Encoding
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:25:22 UTC | 234 | IN | Data Ascii: if (typeof pixelEvent != "function") { var s1 = document.createElement("script"), s0 = document.getElementsByTagName("script")[0]; s1.src = "/src/main_code.js?nocache=1653281231692543"; s0.parentNode.insertBefore(s1, s0);}


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
11 | 192.168.2.5 | 49731 | 167.99.235.203 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:22 UTC | 694 | OUT | GET /lp/lpd_installing_r2/src/lpd_installing_r2.min.js?nocache=1709636059406 HTTP/1.1
Host: pcapp.store
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                    Referer: https://pcapp.store/?p=lpd_installing_r2&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&_fcid=1731354202975821&_winver=19045&version=fa.1092c
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:22 UTC363INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:22 GMT
                                                                                                                                                                                                                                                                                    Content-Type: application/javascript
                                                                                                                                                                                                                                                                                    Content-Length: 9559
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:25:22 UTC | 9559 | IN | Data Ascii: "use strict";function _typeof(obj) { "@babel/helpers - typeof"; return _typeof = "function" == typeof Symbol && "symbol" == typeof Symbol.iterator ? function (obj) { return typeof obj; } : function (obj) { return obj && "function" == typeof Symbol && ob


Session ID | Source IP | Source Port | Destination IP | Destination Port
12 | 192.168.2.5 | 49740 | 13.107.246.45 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:22 UTC | 192 | OUT | GET /rules/rule120608v0s19.xml HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
Host: otelrules.azureedge.net
2024-11-11 21:25:22 UTC | 494 | IN | HTTP/1.1 200 OK
Date: Mon, 11 Nov 2024 21:25:22 GMT
Content-Type: text/xml
Content-Length: 2160
Connection: close
Vary: Accept-Encoding
Cache-Control: public, max-age=604800, immutable
Last-Modified: Tue, 09 Apr 2024 00:26:03 GMT
ETag: "0x8DC582BA3B95D81"
x-ms-request-id: 33d009d3-501e-007b-36d5-335ba2000000
x-ms-version: 2018-03-28
x-azure-ref: 20241111T212522Z-174f7845968xlwnmhC1EWR0sv8000000056g00000000tvtb
x-fd-int-roxy-purgeid: 0
X-Cache: TCP_HIT
Accept-Ranges: bytes
2024-11-11 21:25:22 UTC | 2160 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120608" V="0" DC="SM" T="Subrule" DCa="PSU" xmlns=""> <S> <R T="1" R="120609" /> <R T="2" R="120679" /> <R T="3" R="120610" /> <R T="4" R="120612" /> <R T="5" R="120614" />


Session ID | Source IP | Source Port | Destination IP | Destination Port
13 | 192.168.2.5 | 49745 | 13.107.246.45 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:22 UTC | 193 | OUT | GET /rules/rule120402v21s19.xml HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
Host: otelrules.azureedge.net
2024-11-11 21:25:22 UTC | 494 | IN | HTTP/1.1 200 OK
Date: Mon, 11 Nov 2024 21:25:22 GMT
Content-Type: text/xml
Content-Length: 3788
Connection: close
Vary: Accept-Encoding
Cache-Control: public, max-age=604800, immutable
Last-Modified: Tue, 09 Apr 2024 00:26:17 GMT
ETag: "0x8DC582BAC2126A6"
x-ms-request-id: 0eb2a1cd-301e-0020-44d5-336299000000
x-ms-version: 2018-03-28
x-azure-ref: 20241111T212522Z-174f7845968glpgnhC1EWR7uec00000005gg00000000wewa
x-fd-int-roxy-purgeid: 0
X-Cache: TCP_HIT
Accept-Ranges: bytes
2024-11-11 21:25:22 UTC | 3788 | IN | Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120402" V="21" DC="SM" EN="Office.System.SystemHealthUngracefulAppExitDesktop" ATT="cd836626611c4caaa8fc5b2e728ee81d-3b6d6c45-6377-4bf5-9792-dbf8e1881088-7521" SP="CriticalCensus" DL="A" DCa="PSP" xmlns=""


Session ID | Source IP | Source Port | Destination IP | Destination Port
14 | 192.168.2.5 | 49750 | 13.107.246.45 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:22 UTC | 192 | OUT | GET /rules/rule120612v0s19.xml HTTP/1.1
Connection: Keep-Alive
Accept-Encoding: gzip
User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
Host: otelrules.azureedge.net
2024-11-11 21:25:22 UTC | 470 | IN | HTTP/1.1 200 OK
Date: Mon, 11 Nov 2024 21:25:22 GMT
Content-Type: text/xml
Content-Length: 471
Connection: close
Cache-Control: public, max-age=604800, immutable
Last-Modified: Tue, 09 Apr 2024 00:26:25 GMT
ETag: "0x8DC582BB10C598B"
x-ms-request-id: 55c0910e-d01e-0082-5dd5-33e489000000
x-ms-version: 2018-03-28
x-azure-ref: 20241111T212522Z-174f7845968c2t8dhC1EWR8s20000000055000000000npq3
x-fd-int-roxy-purgeid: 0
X-Cache: TCP_HIT
Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:22 UTC471INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 32 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 31 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120612" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120611" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                    Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                                                                    15 | 192.168.2.5 | 49754 | 13.107.246.45 | 443
                                                                                                                                                                                                                                                                                    Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:22 UTC | 192 | OUT | GET /rules/rule120614v0s19.xml HTTP/1.1
                                                                                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip
                                                                                                                                                                                                                                                                                    User-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)
                                                                                                                                                                                                                                                                                    Host: otelrules.azureedge.net
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:22 UTC470INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:22 GMT
                                                                                                                                                                                                                                                                                    Content-Type: text/xml
                                                                                                                                                                                                                                                                                    Content-Length: 467
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Cache-Control: public, max-age=604800, immutable
                                                                                                                                                                                                                                                                                    Last-Modified: Tue, 09 Apr 2024 00:26:08 GMT
                                                                                                                                                                                                                                                                                    ETag: "0x8DC582BA6C038BC"
                                                                                                                                                                                                                                                                                    x-ms-request-id: 1815df8f-001e-0028-27d5-33c49f000000
                                                                                                                                                                                                                                                                                    x-ms-version: 2018-03-28
                                                                                                                                                                                                                                                                                    x-azure-ref: 20241111T212522Z-174f7845968v79b7hC1EWRu01s000000053000000000eykc
                                                                                                                                                                                                                                                                                    x-fd-int-roxy-purgeid: 0
                                                                                                                                                                                                                                                                                    X-Cache: TCP_HIT
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:22 UTC467INData Raw: ef bb bf 3c 3f 78 6d 6c 20 76 65 72 73 69 6f 6e 3d 22 31 2e 30 22 20 65 6e 63 6f 64 69 6e 67 3d 22 75 74 66 2d 38 22 3f 3e 0d 0a 3c 52 20 49 64 3d 22 31 32 30 36 31 34 22 20 56 3d 22 30 22 20 44 43 3d 22 53 4d 22 20 54 3d 22 53 75 62 72 75 6c 65 22 20 78 6d 6c 6e 73 3d 22 22 3e 0d 0a 20 20 3c 53 3e 0d 0a 20 20 20 20 3c 52 20 54 3d 22 31 22 20 52 3d 22 31 32 30 36 31 33 22 20 2f 3e 0d 0a 20 20 20 20 3c 54 48 20 54 3d 22 32 22 3e 0d 0a 20 20 20 20 20 20 3c 4f 20 54 3d 22 45 51 22 3e 0d 0a 20 20 20 20 20 20 20 20 3c 4c 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 3c 55 20 54 3d 22 45 71 75 61 6c 73 4e 75 6c 6c 22 3e 0d 0a 20 20 20 20 20 20 20 20 20 20 20 20 3c 53 20 54 3d 22 31 22 20 46 3d 22 30 22 20 4d 3d 22 49 67 6e 6f 72 65 22 20 2f 3e 0d 0a 20 20 20 20 20 20
                                                                                                                                                                                                                                                                                    Data Ascii: <?xml version="1.0" encoding="utf-8"?><R Id="120614" V="0" DC="SM" T="Subrule" xmlns=""> <S> <R T="1" R="120613" /> <TH T="2"> <O T="EQ"> <L> <U T="EqualsNull"> <S T="1" F="0" M="Ignore" />


                                                                                                                                                                                                                                                                                    Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                                                                    16 | 192.168.2.5 | 49756 | 209.222.21.115 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                    Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:22 UTC | 346 | OUT | GET /src/main.js HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:22 UTC362INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:22 GMT
                                                                                                                                                                                                                                                                                    Content-Type: application/javascript
                                                                                                                                                                                                                                                                                    Content-Length: 234
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:22 UTC234INData Raw: 69 66 20 28 74 79 70 65 6f 66 20 70 69 78 65 6c 45 76 65 6e 74 20 21 3d 20 22 66 75 6e 63 74 69 6f 6e 22 29 20 7b 0a 20 20 76 61 72 20 73 31 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 63 72 65 61 74 65 45 6c 65 6d 65 6e 74 28 22 73 63 72 69 70 74 22 29 2c 0a 20 20 20 20 73 30 20 3d 20 64 6f 63 75 6d 65 6e 74 2e 67 65 74 45 6c 65 6d 65 6e 74 73 42 79 54 61 67 4e 61 6d 65 28 22 73 63 72 69 70 74 22 29 5b 30 5d 3b 0a 20 20 73 31 2e 73 72 63 20 3d 20 22 2f 73 72 63 2f 6d 61 69 6e 5f 63 6f 64 65 2e 6a 73 3f 6e 6f 63 61 63 68 65 3d 31 36 35 33 32 38 31 32 33 31 36 39 32 35 34 33 22 3b 0a 20 20 73 30 2e 70 61 72 65 6e 74 4e 6f 64 65 2e 69 6e 73 65 72 74 42 65 66 6f 72 65 28 73 31 2c 20 73 30 29 3b 0a 7d 0a
                                                                                                                                                                                                                                                                                    Data Ascii: if (typeof pixelEvent != "function") { var s1 = document.createElement("script"), s0 = document.getElementsByTagName("script")[0]; s1.src = "/src/main_code.js?nocache=1653281231692543"; s0.parentNode.insertBefore(s1, s0);}


                                                                                                                                                                                                                                                                                    Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                                                                    17 | 192.168.2.5 | 49757 | 209.222.21.115 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                    Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:22 UTC | 406 | OUT | GET /lp/lpd_installing_r2/src/lpd_installing_r2.min.js?nocache=1709636059406 HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:22 UTC363INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:22 GMT
                                                                                                                                                                                                                                                                                    Content-Type: application/javascript
                                                                                                                                                                                                                                                                                    Content-Length: 9559
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:22 UTC9559INData Raw: 22 75 73 65 20 73 74 72 69 63 74 22 3b 0a 0a 66 75 6e 63 74 69 6f 6e 20 5f 74 79 70 65 6f 66 28 6f 62 6a 29 20 7b 20 22 40 62 61 62 65 6c 2f 68 65 6c 70 65 72 73 20 2d 20 74 79 70 65 6f 66 22 3b 20 72 65 74 75 72 6e 20 5f 74 79 70 65 6f 66 20 3d 20 22 66 75 6e 63 74 69 6f 6e 22 20 3d 3d 20 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 20 26 26 20 22 73 79 6d 62 6f 6c 22 20 3d 3d 20 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 2e 69 74 65 72 61 74 6f 72 20 3f 20 66 75 6e 63 74 69 6f 6e 20 28 6f 62 6a 29 20 7b 20 72 65 74 75 72 6e 20 74 79 70 65 6f 66 20 6f 62 6a 3b 20 7d 20 3a 20 66 75 6e 63 74 69 6f 6e 20 28 6f 62 6a 29 20 7b 20 72 65 74 75 72 6e 20 6f 62 6a 20 26 26 20 22 66 75 6e 63 74 69 6f 6e 22 20 3d 3d 20 74 79 70 65 6f 66 20 53 79 6d 62 6f 6c 20 26 26 20 6f 62
                                                                                                                                                                                                                                                                                    Data Ascii: "use strict";function _typeof(obj) { "@babel/helpers - typeof"; return _typeof = "function" == typeof Symbol && "symbol" == typeof Symbol.iterator ? function (obj) { return typeof obj; } : function (obj) { return obj && "function" == typeof Symbol && ob


                                                                                                                                                                                                                                                                                    Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                                                                    18 | 192.168.2.5 | 49755 | 207.211.211.27 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                    Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:22 UTC | 645 | OUT | GET /pcapp/images/front_img/lp/lpd_installing_r2/img/done_windows_icon.svg HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: repository.pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: same-site
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                    Referer: https://pcapp.store/
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:23 UTC642INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:22 GMT
                                                                                                                                                                                                                                                                                    Content-Type: image/svg+xml
                                                                                                                                                                                                                                                                                    Content-Length: 2118
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    x-amz-id-2: VnXbMdQrMnDZ7RxRcp9Z9nX5AOhWlZ7/zrE6KB6T0/LE6m3Vo4OpWV+2fZVthwSD1SjXgpKMgrE=
                                                                                                                                                                                                                                                                                    x-amz-request-id: 0VTPN0WH96JBTFRZ
                                                                                                                                                                                                                                                                                    Last-Modified: Wed, 28 Feb 2024 14:20:34 GMT
                                                                                                                                                                                                                                                                                    ETag: "1039640cf0666a1621d55c9e9fa81439"
                                                                                                                                                                                                                                                                                    x-amz-server-side-encryption: AES256
                                                                                                                                                                                                                                                                                    x-amz-version-id: TOr7Qz1D1UcT8CbM_PbCtRSNYTOORIzt
                                                                                                                                                                                                                                                                                    X-77-NZT: EggBz9PTGQFBDAHUZjgRAbeU5A4A
                                                                                                                                                                                                                                                                                    X-77-NZT-Ray: 43862e24da1f77e9427632670274a438
                                                                                                                                                                                                                                                                                    X-77-Cache: HIT
                                                                                                                                                                                                                                                                                    X-77-Age: 976020
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Server: CDN77-Turbo
                                                                                                                                                                                                                                                                                    X-77-POP: frankfurtDE
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:23 UTC2118INData Raw: 3c 73 76 67 20 77 69 64 74 68 3d 22 31 33 32 22 20 68 65 69 67 68 74 3d 22 31 33 32 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 31 33 32 20 31 33 32 22 20 66 69 6c 6c 3d 22 6e 6f 6e 65 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 3e 3c 67 20 66 69 6c 74 65 72 3d 22 75 72 6c 28 23 66 69 6c 74 65 72 30 5f 64 5f 35 33 39 5f 32 37 39 29 22 3e 3c 70 61 74 68 20 64 3d 22 4d 31 36 20 31 32 2e 35 41 34 2e 35 20 34 2e 35 20 30 20 30 31 32 30 2e 35 20 38 68 39 31 61 34 2e 35 20 34 2e 35 20 30 20 30 31 34 2e 35 20 34 2e 35 76 39 31 61 34 2e 35 20 34 2e 35 20 30 20 30 31 2d 34 2e 35 20 34 2e 35 68 2d 39 31 61 34 2e 35 20 34 2e 35 20 30 20 30 31 2d 34 2e 35 2d 34 2e 35 76 2d 39 31 7a 22 20 66 69 6c 6c 3d
                                                                                                                                                                                                                                                                                    Data Ascii: <svg width="132" height="132" viewBox="0 0 132 132" fill="none" xmlns="http://www.w3.org/2000/svg"><g filter="url(#filter0_d_539_279)"><path d="M16 12.5A4.5 4.5 0 0120.5 8h91a4.5 4.5 0 014.5 4.5v91a4.5 4.5 0 01-4.5 4.5h-91a4.5 4.5 0 01-4.5-4.5v-91z" fill=


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
19 | 192.168.2.5 | 49759 | 167.99.235.203 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:23 UTC | 801 | OUT | POST /api/api.php HTTP/1.1
Host: pcapp.store
Connection: keep-alive
Content-Length: 74
sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: */*
Origin: https://pcapp.store
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://pcapp.store/?p=lpd_installing_r2&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&_fcid=1731354202975821&_winver=19045&version=fa.1092c
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493
2024-11-11 21:25:23 UTC | 74 | OUT | Data Ascii: {"c":"front","a":"trigger","p":{"t":"finishInstallFa","ws":true,"add":{}}}
2024-11-11 21:25:23 UTC | 551 | IN | HTTP/1.1 200 OK
Server: nginx
Date: Mon, 11 Nov 2024 21:25:23 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
Vary: Accept-Encoding
Access-Control-Allow-Origin: https://pcapp.store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:25:23 UTC | 215 | IN | Data Ascii: cc{"state":"ok","result":"\n gtag('event', 'conversion', {\n 'send_to': 'AW-858128210\/kTaFCIuq0YYZENL-l5kD',\n 'value': 1.0,\n 'currency': 'USD',\n 'aw_remarketing_only': true\n });"}0


                                                                                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                    20192.168.2.549762167.99.235.203443612C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:23 UTC803OUTPOST /pixelgif.php HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    Content-Length: 351
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    Content-Type: application/json;charset=UTF-8
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Origin: https://pcapp.store
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                    Referer: https://pcapp.store/?p=lpd_installing_r2&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&_fcid=1731354202975821&_winver=19045&version=fa.1092c
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                    Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:23 UTC351OUTData Raw: 7b 22 65 76 74 5f 73 72 63 22 3a 22 77 65 62 22 2c 22 65 76 74 5f 61 63 74 69 6f 6e 22 3a 22 76 69 73 74 79 70 65 22 2c 22 67 70 75 22 3a 22 47 6f 6f 67 6c 65 2c 20 56 75 6c 6b 61 6e 20 31 2e 33 2e 30 20 28 53 77 69 66 74 53 68 61 64 65 72 20 44 65 76 69 63 65 20 28 53 75 62 7a 65 72 6f 29 20 28 30 78 30 30 30 30 43 30 44 45 29 29 2c 20 53 77 69 66 74 53 68 61 64 65 72 20 64 72 69 76 65 72 29 22 2c 22 68 65 69 67 68 74 22 3a 31 32 38 30 2c 22 77 69 64 74 68 22 3a 31 30 32 34 2c 22 62 72 6f 77 73 65 72 22 3a 22 43 48 22 2c 22 62 72 6f 77 73 65 72 76 65 72 22 3a 31 31 37 2c 22 6f 73 22 3a 22 31 30 22 2c 22 63 6f 6f 6b 69 65 73 22 3a 31 2c 22 6d 65 6d 6f 72 79 22 3a 38 2c 22 7a 6f 6f 6d 22 3a 31 30 30 2c 22 76 69 64 65 6f 5f 69 6e 70 75 74 22 3a 30 2c 22 61
                                                                                                                                                                                                                                                                                    Data Ascii: {"evt_src":"web","evt_action":"vistype","gpu":"Google, Vulkan 1.3.0 (SwiftShader Device (Subzero) (0x0000C0DE)), SwiftShader driver)","height":1280,"width":1024,"browser":"CH","browserver":117,"os":"10","cookies":1,"memory":8,"zoom":100,"video_input":0,"a
2024-11-11 21:25:23 UTC | 498 | IN | HTTP/1.1 200 OK
Server: nginx
Date: Mon, 11 Nov 2024 21:25:23 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: close
Access-Control-Allow-Origin: https://pcapp.store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:25:23 UTC | 106 | IN | Data Ascii: 5fPNGIHDR%VPLTEz=tRNS@fIDATc`!3IENDB`0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
21 | 192.168.2.5 | 49761 | 167.99.235.203 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:23 UTC | 801 | OUT | POST /api/api.php HTTP/1.1
Host: pcapp.store
Connection: keep-alive
Content-Length: 96
sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: */*
Origin: https://pcapp.store
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://pcapp.store/?p=lpd_installing_r2&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&_fcid=1731354202975821&_winver=19045&version=fa.1092c
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493
2024-11-11 21:25:23 UTC | 96 | OUT | Data Ascii: {"c":"front/installing","a":"installStatus","p":{"guid":"2ED92742-89DC-DD72-92E8-869FA5A66493"}}
2024-11-11 21:25:23 UTC | 551 | IN | HTTP/1.1 200 OK
Server: nginx
Date: Mon, 11 Nov 2024 21:25:23 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
Vary: Accept-Encoding
Access-Control-Allow-Origin: https://pcapp.store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:25:23 UTC | 44 | IN | Data Raw: 32 31 0d 0a 7b 22 73 74 61 74 65 22 3a 22 6f 6b 22 2c 22 72 65 73 75 6c 74 22 3a 22 6e 6f 20 69 6e 66 6f 22 7d 0d 0a 30 0d 0a 0d 0a
Data Ascii: 21{"state":"ok","result":"no info"}0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
22 | 192.168.2.5 | 49771 | 209.222.21.115 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:23 UTC | 508 | OUT | GET /api/api.php HTTP/1.1
Host: pcapp.store
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
Accept: */*
Sec-Fetch-Site: none
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323
2024-11-11 21:25:23 UTC | 211 | IN | HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 11 Nov 2024 21:25:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
Vary: Accept-Encoding
2024-11-11 21:25:23 UTC | 5 | IN | Data Raw: 30 0d 0a 0d 0a
Data Ascii: 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
23 | 192.168.2.5 | 49765 | 142.250.185.78 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:23 UTC | 1322 | OUT | POST /g/collect?v=2&tid=G-VFQWFX3X1C&gtm=45je4b70v898645365za200&_p=1731360322108&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101823848~101925629~102077854&cid=367951386.1731360323&ul=en-us&sr=1280x1024&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1731360322&sct=1&seg=0&dl=https%3A%2F%2Fpcapp.store%2F%3Fp%3Dlpd_installing_r2%26guid%3D2ED92742-89DC-DD72-92E8-869FA5A66493%26_fcid%3D1731354202975821%26_winver%3D19045%26version%3Dfa.1092c&dt=APP%20STORE%3A%20Installing&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3449 HTTP/1.1
Host: analytics.google.com
Connection: keep-alive
Content-Length: 0
sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Origin: https://pcapp.store
X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUX
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
Referer: https://pcapp.store/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
2024-11-11 21:25:24 UTC | 842 | IN | HTTP/1.1 204 No Content
Access-Control-Allow-Origin: https://pcapp.store
Date: Mon, 11 Nov 2024 21:25:23 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Content-Type: text/plain
Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                    Content-Security-Policy-Report-Only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
                                                                                                                                                                                                                                                                                    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to=coop_reporting
                                                                                                                                                                                                                                                                                    Report-To: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
                                                                                                                                                                                                                                                                                    Server: Golfe2
                                                                                                                                                                                                                                                                                    Content-Length: 0
                                                                                                                                                                                                                                                                                    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                    Connection: close


                                                                                                                                                                                                                                                                                    Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                                                                    24 | 192.168.2.5 | 49770 | 207.211.211.27 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                    Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:23 UTC | 577 | OUT | GET /pcapp/images/front_img/lp/lpd_installing_r2/img/done_windows_icon.svg HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: repository.pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                    Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:23 UTC642INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:23 GMT
                                                                                                                                                                                                                                                                                    Content-Type: image/svg+xml
                                                                                                                                                                                                                                                                                    Content-Length: 2118
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    x-amz-id-2: VnXbMdQrMnDZ7RxRcp9Z9nX5AOhWlZ7/zrE6KB6T0/LE6m3Vo4OpWV+2fZVthwSD1SjXgpKMgrE=
                                                                                                                                                                                                                                                                                    x-amz-request-id: 0VTPN0WH96JBTFRZ
                                                                                                                                                                                                                                                                                    Last-Modified: Wed, 28 Feb 2024 14:20:34 GMT
                                                                                                                                                                                                                                                                                    ETag: "1039640cf0666a1621d55c9e9fa81439"
                                                                                                                                                                                                                                                                                    x-amz-server-side-encryption: AES256
                                                                                                                                                                                                                                                                                    x-amz-version-id: TOr7Qz1D1UcT8CbM_PbCtRSNYTOORIzt
                                                                                                                                                                                                                                                                                    X-77-NZT: EggBz9PTGQFBDAHUZjgRAbeV5A4A
                                                                                                                                                                                                                                                                                    X-77-NZT-Ray: 43862e24ae209b0d437632673d056f36
                                                                                                                                                                                                                                                                                    X-77-Cache: HIT
                                                                                                                                                                                                                                                                                    X-77-Age: 976021
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Server: CDN77-Turbo
                                                                                                                                                                                                                                                                                    X-77-POP: frankfurtDE
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:23 UTC2118INData Raw: 3c 73 76 67 20 77 69 64 74 68 3d 22 31 33 32 22 20 68 65 69 67 68 74 3d 22 31 33 32 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 31 33 32 20 31 33 32 22 20 66 69 6c 6c 3d 22 6e 6f 6e 65 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 3e 3c 67 20 66 69 6c 74 65 72 3d 22 75 72 6c 28 23 66 69 6c 74 65 72 30 5f 64 5f 35 33 39 5f 32 37 39 29 22 3e 3c 70 61 74 68 20 64 3d 22 4d 31 36 20 31 32 2e 35 41 34 2e 35 20 34 2e 35 20 30 20 30 31 32 30 2e 35 20 38 68 39 31 61 34 2e 35 20 34 2e 35 20 30 20 30 31 34 2e 35 20 34 2e 35 76 39 31 61 34 2e 35 20 34 2e 35 20 30 20 30 31 2d 34 2e 35 20 34 2e 35 68 2d 39 31 61 34 2e 35 20 34 2e 35 20 30 20 30 31 2d 34 2e 35 2d 34 2e 35 76 2d 39 31 7a 22 20 66 69 6c 6c 3d
                                                                                                                                                                                                                                                                                    Data Ascii: <svg width="132" height="132" viewBox="0 0 132 132" fill="none" xmlns="http://www.w3.org/2000/svg"><g filter="url(#filter0_d_539_279)"><path d="M16 12.5A4.5 4.5 0 0120.5 8h91a4.5 4.5 0 014.5 4.5v91a4.5 4.5 0 01-4.5 4.5h-91a4.5 4.5 0 01-4.5-4.5v-91z" fill=


                                                                                                                                                                                                                                                                                    Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                                                                    25 | 192.168.2.5 | 49766 | 66.102.1.154 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                    Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:23 UTC | 825 | OUT | POST /g/collect?v=2&tid=G-VFQWFX3X1C&cid=367951386.1731360323&gtm=45je4b70v898645365za200&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=101823848~101925629~102077854 HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: stats.g.doubleclick.net
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    Content-Length: 0
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Origin: https://pcapp.store
                                                                                                                                                                                                                                                                                    X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUX
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                    Referer: https://pcapp.store/
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:23 UTC842INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Origin: https://pcapp.store
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:23 GMT
                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                    Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                    Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                                    Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                    Content-Security-Policy-Report-Only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
                                                                                                                                                                                                                                                                                    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to=coop_reporting
                                                                                                                                                                                                                                                                                    Report-To: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
                                                                                                                                                                                                                                                                                    Server: Golfe2
                                                                                                                                                                                                                                                                                    Content-Length: 0
                                                                                                                                                                                                                                                                                    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                    Connection: close


                                                                                                                                                                                                                                                                                    Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                                                                    26 | 192.168.2.5 | 49767 | 142.250.185.226 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                    Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:23 UTC | 966 | OUT | GET /td/ga/rul?tid=G-VFQWFX3X1C&gacid=367951386.1731360323&gtm=45je4b70v898645365za200&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101823848~101925629~102077854&z=136806735 HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: td.doubleclick.net
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                                                                    X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUX
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: iframe
                                                                                                                                                                                                                                                                                    Referer: https://pcapp.store/
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:24 UTC785INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
                                                                                                                                                                                                                                                                                    Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                    Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:23 GMT
                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                    Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                    Cache-Control: no-cache, must-revalidate
                                                                                                                                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                    X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                    Server: cafe
                                                                                                                                                                                                                                                                                    X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                    Set-Cookie: test_cookie=CheckForPermission; expires=Mon, 11-Nov-2024 21:40:23 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
                                                                                                                                                                                                                                                                                    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                    Accept-Ranges: none
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:24 UTC18INData Raw: 64 0d 0a 3c 68 74 6d 6c 3e 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                                                                                    Data Ascii: d<html></html>
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:24 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                    Data Ascii: 0


                                                                                                                                                                                                                                                                                    Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                                                                    27 | 192.168.2.5 | 49772 | 209.222.21.115 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                    Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:24 UTC | 509 | OUT | GET /pixelgif.php HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                    Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:24 UTC448INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:24 GMT
                                                                                                                                                                                                                                                                                    Content-Type: image/png
                                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:24 UTC106INData Raw: 35 66 0d 0a 89 50 4e 47 0d 0a 1a 0a 00 00 00 0d 49 48 44 52 00 00 00 01 00 00 00 01 01 03 00 00 00 25 db 56 ca 00 00 00 03 50 4c 54 45 00 00 00 a7 7a 3d da 00 00 00 01 74 52 4e 53 00 40 e6 d8 66 00 00 00 0a 49 44 41 54 08 d7 63 60 00 00 00 02 00 01 e2 21 bc 33 00 00 00 00 49 45 4e 44 ae 42 60 82 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                    Data Ascii: 5fPNGIHDR%VPLTEz=tRNS@fIDATc`!3IENDB`0


                                                                                                                                                                                                                                                                                    Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                                                                    28 | 192.168.2.5 | 49773 | 209.222.21.115 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                    Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:24 UTC | 508 | OUT | GET /api/api.php HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                    Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:24 UTC211INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:24 GMT
                                                                                                                                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:24 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                    Data Ascii: 0


                                                                                                                                                                                                                                                                                    Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                                                                    29 | 192.168.2.5 | 49774 | 172.217.18.100 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                    Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:25 UTC | 942 | OUT | POST /ccm/collect?en=page_view&dl=https%3A%2F%2Fpcapp.store%2F&scrsrc=www.googletagmanager.com&frm=0&rnd=2124148031.1731360324&auid=1387167454.1731360324&npa=0&gtm=45be4b70v9103256652za200zb898645365&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102077855&tft=1731360324024&tfd=4847&apve=1 HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: www.google.com
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    Content-Length: 0
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Origin: https://pcapp.store
                                                                                                                                                                                                                                                                                    X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUX
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                    Referer: https://pcapp.store/
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
2024-11-11 21:25:25 UTC | 575 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                                    Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                    Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:25 GMT
                                                                                                                                                                                                                                                                                    Vary: Origin
                                                                                                                                                                                                                                                                                    Vary: X-Origin
                                                                                                                                                                                                                                                                                    Vary: Referer
                                                                                                                                                                                                                                                                                    Server: scaffolding on HTTPServer2
                                                                                                                                                                                                                                                                                    Content-Length: 0
                                                                                                                                                                                                                                                                                    X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                    X-Frame-Options: SAMEORIGIN
                                                                                                                                                                                                                                                                                    X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Origin: https://pcapp.store
                                                                                                                                                                                                                                                                                    Access-Control-Expose-Headers: date,vary,vary,vary,server,content-length
                                                                                                                                                                                                                                                                                    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                    Connection: close


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
30 | 192.168.2.5 | 49779 | 142.250.185.110 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:25 UTC | 1030 | OUT | POST /ccm/form-data/858128210?gtm=45be4b70pfv9103256652za200zb898645365&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102077855&label=kTaFCIuq0YYZENL-l5kD&npa=0&frm=0&pscdl=noapi&auid=1387167454.1731360324&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&ec_mode=a&em=tv.1 HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: google.com
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    Content-Length: 0
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Origin: https://pcapp.store
                                                                                                                                                                                                                                                                                    X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUX
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                    Referer: https://pcapp.store/
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
2024-11-11 21:25:25 UTC | 840 | IN | HTTP/1.1 204 No Content
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Origin: https://pcapp.store
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:25 GMT
                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                    Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                    Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                    Content-Type: text/plain
                                                                                                                                                                                                                                                                                    Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                    Content-Security-Policy-Report-Only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:57:0
                                                                                                                                                                                                                                                                                    Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to=coop_reporting
                                                                                                                                                                                                                                                                                    Report-To: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:57:0"}],}
                                                                                                                                                                                                                                                                                    Server: Golfe2
                                                                                                                                                                                                                                                                                    Content-Length: 0
                                                                                                                                                                                                                                                                                    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                    Connection: close


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
31 | 192.168.2.5 | 49782 | 142.250.185.226 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:25 UTC | 1498 | OUT | GET /td/rul/858128210?random=1731360323996&cv=11&fst=1731360323996&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4b70v9103256652za200zb898645365&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102077855&u_w=1280&u_h=1024&url=https%3A%2F%2Fpcapp.store%2F%3Fp%3Dlpd_installing_r2%26guid%3D2ED92742-89DC-DD72-92E8-869FA5A66493%26_fcid%3D1731354202975821%26_winver%3D19045%26version%3Dfa.1092c&hn=www.googleadservices.com&frm=0&tiba=APP%20STORE%3A%20Installing&npa=0&pscdl=noapi&auid=1387167454.1731360324&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dgtag.config HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: td.doubleclick.net
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                                                                    X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUX
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: iframe
                                                                                                                                                                                                                                                                                    Referer: https://pcapp.store/
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                    Cookie: test_cookie=CheckForPermission
2024-11-11 21:25:25 UTC | 954 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
                                                                                                                                                                                                                                                                                    Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                    Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:25 GMT
                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                    Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                    Cache-Control: no-cache, must-revalidate
                                                                                                                                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                    X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                    Server: cafe
                                                                                                                                                                                                                                                                                    X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                    Set-Cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
                                                                                                                                                                                                                                                                                    Set-Cookie: IDE=AHWqTUnoDpeF_8uuUn_gkOJhLNgZx8-N4dsjodkKktgF74EIdko1l67wGZP6qKL7; expires=Wed, 11-Nov-2026 21:25:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
                                                                                                                                                                                                                                                                                    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                    Accept-Ranges: none
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked
2024-11-11 21:25:25 UTC | 424 | IN
                                                                                                                                                                                                                                                                                    Data Ascii: 56b4<html><head><meta http-equiv="origin-trial" content="Avh5Ny0XEFCyQ7+oNieXskUrqY8edUzL5/XrwKlGjARQHW4TFRK+jVd5HnDIpY20n5OLHfgU4ku7x48N3uhG/A0AAABxeyJvcmlnaW4iOiJodHRwczovL2RvdWJsZWNsaWNrLm5ldDo0NDMiLCJmZWF0dXJlIjoiUHJpdmFjeVNhbmRib3hBZHNBUElzIiwiZXhw
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:25 UTC1378INData Raw: 74 65 73 22 3a 7b 22 6f 77 6e 65 72 22 3a 22 68 74 74 70 73 3a 2f 2f 74 64 2e 64 6f 75 62 6c 65 63 6c 69 63 6b 2e 6e 65 74 22 2c 22 6e 61 6d 65 22 3a 22 34 73 31 33 38 37 31 36 37 34 35 34 2e 31 37 33 31 33 36 30 33 32 34 22 2c 22 62 69 64 64 69 6e 67 4c 6f 67 69 63 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 74 64 2e 64 6f 75 62 6c 65 63 6c 69 63 6b 2e 6e 65 74 2f 74 64 2f 62 6a 73 22 2c 22 64 61 69 6c 79 55 70 64 61 74 65 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 74 64 2e 64 6f 75 62 6c 65 63 6c 69 63 6b 2e 6e 65 74 2f 74 64 2f 75 70 64 61 74 65 3f 69 67 5f 6e 61 6d 65 3d 34 73 31 33 38 37 31 36 37 34 35 34 2e 31 37 33 31 33 36 30 33 32 34 5c 75 30 30 32 36 69 67 5f 6b 65 79 3d 31 73 4e 48 4d 78 4d 7a 67 33 4d 54 59 33 4e 44 55 30 4c 6a 45 33 4d 7a 45 7a
                                                                                                                                                                                                                                                                                    Data Ascii: tes":{"owner":"https://td.doubleclick.net","name":"4s1387167454.1731360324","biddingLogicUrl":"https://td.doubleclick.net/td/bjs","dailyUpdateUrl":"https://td.doubleclick.net/td/update?ig_name=4s1387167454.1731360324\u0026ig_key=1sNHMxMzg3MTY3NDU0LjE3MzEz
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:25 UTC1378INData Raw: 22 3a 22 68 74 74 70 73 3a 2f 2f 74 64 73 66 2e 64 6f 75 62 6c 65 63 6c 69 63 6b 2e 6e 65 74 2f 74 64 2f 61 64 66 65 74 63 68 2f 67 64 61 3f 61 64 67 5f 69 64 3d 31 36 33 37 36 36 35 39 37 39 32 38 5c 75 30 30 32 36 63 72 5f 69 64 3d 36 38 38 37 36 36 38 32 30 34 32 39 5c 75 30 30 32 36 63 76 5f 69 64 3d 30 5c 75 30 30 32 36 66 6f 72 6d 61 74 3d 24 7b 41 44 5f 57 49 44 54 48 7d 78 24 7b 41 44 5f 48 45 49 47 48 54 7d 5c 75 30 30 32 36 72 64 73 3d 24 7b 52 45 4e 44 45 52 5f 44 41 54 41 7d 5c 75 30 30 32 36 73 65 61 74 3d 32 5c 75 30 30 32 36 72 70 5f 69 64 3d 72 31 6a 37 39 30 34 32 38 33 38 31 32 21 34 73 2a 32 41 22 2c 22 6d 65 74 61 64 61 74 61 22 3a 5b 22 31 36 33 37 36 36 35 39 37 39 32 38 22 2c 22 36 38 38 37 36 36 38 32 30 34 32 39 22 2c 6e 75 6c 6c
                                                                                                                                                                                                                                                                                    Data Ascii: ":"https://tdsf.doubleclick.net/td/adfetch/gda?adg_id=163766597928\u0026cr_id=688766820429\u0026cv_id=0\u0026format=${AD_WIDTH}x${AD_HEIGHT}\u0026rds=${RENDER_DATA}\u0026seat=2\u0026rp_id=r1j7904283812!4s*2A","metadata":["163766597928","688766820429",null
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:25 UTC1378INData Raw: 31 32 21 34 73 2a 32 41 22 2c 22 6d 65 74 61 64 61 74 61 22 3a 5b 22 31 36 33 37 36 36 35 39 37 39 32 38 22 2c 22 36 38 38 37 36 36 38 32 30 34 35 30 22 2c 6e 75 6c 6c 2c 22 32 30 37 38 38 30 37 39 38 38 37 22 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 22 37 39 30 34 32 38 33 38 31 32 22 5d 2c 22 61 64 52 65 6e 64 65 72 49 64 22 3a 22 6f 6a 65 38 44 30 51 4e 51 51 63 22 2c 22 62 75 79 65 72 52 65 70 6f 72 74 69 6e 67 49 64 22 3a 22 31 6a 37 39 30 34 32 38 33 38 31 32 21 34 73 2a 32 41 22 7d 2c 7b 22 72 65 6e 64 65 72 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 74 64 73 66 2e 64 6f 75 62 6c 65 63 6c 69 63 6b 2e 6e 65 74 2f 74 64 2f 61 64 66 65 74 63 68 2f 67 64 61 3f 61 64 67 5f 69 64 3d 31 36 33 37 36 36 35
                                                                                                                                                                                                                                                                                    Data Ascii: 12!4s*2A","metadata":["163766597928","688766820450",null,"20788079887",null,null,null,null,null,null,"7904283812"],"adRenderId":"oje8D0QNQQc","buyerReportingId":"1j7904283812!4s*2A"},{"renderUrl":"https://tdsf.doubleclick.net/td/adfetch/gda?adg_id=1637665
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:25 UTC1378INData Raw: 74 70 73 3a 2f 2f 74 64 73 66 2e 64 6f 75 62 6c 65 63 6c 69 63 6b 2e 6e 65 74 2f 74 64 2f 61 64 66 65 74 63 68 2f 67 64 61 3f 61 64 67 5f 69 64 3d 31 36 33 37 36 36 35 39 37 39 32 38 5c 75 30 30 32 36 63 72 5f 69 64 3d 36 38 38 39 31 37 32 30 33 39 39 38 5c 75 30 30 32 36 63 76 5f 69 64 3d 30 5c 75 30 30 32 36 66 6f 72 6d 61 74 3d 24 7b 41 44 5f 57 49 44 54 48 7d 78 24 7b 41 44 5f 48 45 49 47 48 54 7d 5c 75 30 30 32 36 72 64 73 3d 24 7b 52 45 4e 44 45 52 5f 44 41 54 41 7d 5c 75 30 30 32 36 73 65 61 74 3d 32 5c 75 30 30 32 36 72 70 5f 69 64 3d 72 31 6a 37 39 30 34 32 38 33 38 31 32 21 34 73 2a 32 41 22 2c 22 6d 65 74 61 64 61 74 61 22 3a 5b 22 31 36 33 37 36 36 35 39 37 39 32 38 22 2c 22 36 38 38 39 31 37 32 30 33 39 39 38 22 2c 6e 75 6c 6c 2c 22 32 30 37
                                                                                                                                                                                                                                                                                    Data Ascii: tps://tdsf.doubleclick.net/td/adfetch/gda?adg_id=163766597928\u0026cr_id=688917203998\u0026cv_id=0\u0026format=${AD_WIDTH}x${AD_HEIGHT}\u0026rds=${RENDER_DATA}\u0026seat=2\u0026rp_id=r1j7904283812!4s*2A","metadata":["163766597928","688917203998",null,"207
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:25 UTC1378INData Raw: 41 22 2c 22 6d 65 74 61 64 61 74 61 22 3a 5b 22 31 35 36 37 38 36 34 31 31 32 35 38 22 2c 22 36 38 32 32 33 39 32 33 34 32 31 32 22 2c 6e 75 6c 6c 2c 22 32 30 37 38 38 30 37 39 38 38 37 22 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 22 37 39 30 34 32 38 33 38 31 32 22 5d 2c 22 61 64 52 65 6e 64 65 72 49 64 22 3a 22 66 62 45 61 4b 4b 2d 78 38 75 4d 22 2c 22 62 75 79 65 72 52 65 70 6f 72 74 69 6e 67 49 64 22 3a 22 31 6a 37 39 30 34 32 38 33 38 31 32 21 34 73 2a 32 41 22 7d 2c 7b 22 72 65 6e 64 65 72 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 74 64 73 66 2e 64 6f 75 62 6c 65 63 6c 69 63 6b 2e 6e 65 74 2f 74 64 2f 61 64 66 65 74 63 68 2f 67 64 61 3f 61 64 67 5f 69 64 3d 31 36 33 37 36 36 35 39 37 39 32 38 5c 75
                                                                                                                                                                                                                                                                                    Data Ascii: A","metadata":["156786411258","682239234212",null,"20788079887",null,null,null,null,null,null,"7904283812"],"adRenderId":"fbEaKK-x8uM","buyerReportingId":"1j7904283812!4s*2A"},{"renderUrl":"https://tdsf.doubleclick.net/td/adfetch/gda?adg_id=163766597928\u
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:25 UTC1378INData Raw: 65 63 6c 69 63 6b 2e 6e 65 74 2f 74 64 2f 61 64 66 65 74 63 68 2f 67 64 61 3f 61 64 67 5f 69 64 3d 31 36 33 37 36 36 35 39 37 39 32 38 5c 75 30 30 32 36 63 72 5f 69 64 3d 36 38 38 37 36 36 38 32 30 34 33 32 5c 75 30 30 32 36 63 76 5f 69 64 3d 30 5c 75 30 30 32 36 66 6f 72 6d 61 74 3d 24 7b 41 44 5f 57 49 44 54 48 7d 78 24 7b 41 44 5f 48 45 49 47 48 54 7d 5c 75 30 30 32 36 72 64 73 3d 24 7b 52 45 4e 44 45 52 5f 44 41 54 41 7d 5c 75 30 30 32 36 73 65 61 74 3d 32 5c 75 30 30 32 36 72 70 5f 69 64 3d 72 31 6a 34 37 35 38 31 36 31 36 35 21 34 73 2a 32 41 22 2c 22 6d 65 74 61 64 61 74 61 22 3a 5b 22 31 36 33 37 36 36 35 39 37 39 32 38 22 2c 22 36 38 38 37 36 36 38 32 30 34 33 32 22 2c 6e 75 6c 6c 2c 22 32 30 37 38 38 30 37 39 38 38 37 22 2c 6e 75 6c 6c 2c 6e 75
                                                                                                                                                                                                                                                                                    Data Ascii: eclick.net/td/adfetch/gda?adg_id=163766597928\u0026cr_id=688766820432\u0026cv_id=0\u0026format=${AD_WIDTH}x${AD_HEIGHT}\u0026rds=${RENDER_DATA}\u0026seat=2\u0026rp_id=r1j475816165!4s*2A","metadata":["163766597928","688766820432",null,"20788079887",null,nu
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:25 UTC1378INData Raw: 37 39 32 38 22 2c 22 36 38 38 37 36 36 38 32 30 34 35 33 22 2c 6e 75 6c 6c 2c 22 32 30 37 38 38 30 37 39 38 38 37 22 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 22 34 37 35 38 31 36 31 36 35 22 5d 2c 22 61 64 52 65 6e 64 65 72 49 64 22 3a 22 69 44 4a 6d 43 54 49 6c 68 4d 41 22 2c 22 62 75 79 65 72 52 65 70 6f 72 74 69 6e 67 49 64 22 3a 22 31 6a 34 37 35 38 31 36 31 36 35 21 34 73 2a 32 41 22 7d 2c 7b 22 72 65 6e 64 65 72 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 74 64 73 66 2e 64 6f 75 62 6c 65 63 6c 69 63 6b 2e 6e 65 74 2f 74 64 2f 61 64 66 65 74 63 68 2f 67 64 61 3f 61 64 67 5f 69 64 3d 31 36 33 37 36 36 35 39 37 39 32 38 5c 75 30 30 32 36 63 72 5f 69 64 3d 36 38 38 37 36 36 38 32 30 34 35 36 5c 75 30 30
                                                                                                                                                                                                                                                                                    Data Ascii: 7928","688766820453",null,"20788079887",null,null,null,null,null,null,"475816165"],"adRenderId":"iDJmCTIlhMA","buyerReportingId":"1j475816165!4s*2A"},{"renderUrl":"https://tdsf.doubleclick.net/td/adfetch/gda?adg_id=163766597928\u0026cr_id=688766820456\u00
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:25 UTC1378INData Raw: 61 64 67 5f 69 64 3d 31 35 36 37 38 36 34 31 31 32 35 38 5c 75 30 30 32 36 63 72 5f 69 64 3d 36 38 31 31 36 34 33 32 36 30 36 30 5c 75 30 30 32 36 63 76 5f 69 64 3d 31 5c 75 30 30 32 36 66 6f 72 6d 61 74 3d 24 7b 41 44 5f 57 49 44 54 48 7d 78 24 7b 41 44 5f 48 45 49 47 48 54 7d 5c 75 30 30 32 36 72 64 73 3d 24 7b 52 45 4e 44 45 52 5f 44 41 54 41 7d 5c 75 30 30 32 36 73 65 61 74 3d 32 5c 75 30 30 32 36 72 70 5f 69 64 3d 72 31 6a 34 37 35 38 31 36 31 36 35 21 34 73 2a 32 41 22 2c 22 6d 65 74 61 64 61 74 61 22 3a 5b 22 31 35 36 37 38 36 34 31 31 32 35 38 22 2c 22 36 38 31 31 36 34 33 32 36 30 36 30 22 2c 22 31 22 2c 22 32 30 37 38 38 30 37 39 38 38 37 22 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 22 34 37 35
                                                                                                                                                                                                                                                                                    Data Ascii: adg_id=156786411258\u0026cr_id=681164326060\u0026cv_id=1\u0026format=${AD_WIDTH}x${AD_HEIGHT}\u0026rds=${RENDER_DATA}\u0026seat=2\u0026rp_id=r1j475816165!4s*2A","metadata":["156786411258","681164326060","1","20788079887",null,null,null,null,null,null,"475
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:25 UTC1378INData Raw: 30 37 38 38 30 37 39 38 38 37 22 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 22 35 39 36 30 39 33 32 38 38 22 5d 2c 22 61 64 52 65 6e 64 65 72 49 64 22 3a 22 4f 44 4d 69 75 35 66 71 48 39 59 22 2c 22 62 75 79 65 72 52 65 70 6f 72 74 69 6e 67 49 64 22 3a 22 31 6a 35 39 36 30 39 33 32 38 38 21 34 73 2a 32 41 22 7d 2c 7b 22 72 65 6e 64 65 72 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 74 64 73 66 2e 64 6f 75 62 6c 65 63 6c 69 63 6b 2e 6e 65 74 2f 74 64 2f 61 64 66 65 74 63 68 2f 67 64 61 3f 61 64 67 5f 69 64 3d 31 36 33 37 36 36 35 39 37 39 32 38 5c 75 30 30 32 36 63 72 5f 69 64 3d 36 38 38 37 36 36 38 32 30 34 31 34 5c 75 30 30 32 36 63 76 5f 69 64 3d 30 5c 75 30 30 32 36 66 6f 72 6d 61 74 3d 24 7b 41 44 5f 57
                                                                                                                                                                                                                                                                                    Data Ascii: 0788079887",null,null,null,null,null,null,"596093288"],"adRenderId":"ODMiu5fqH9Y","buyerReportingId":"1j596093288!4s*2A"},{"renderUrl":"https://tdsf.doubleclick.net/td/adfetch/gda?adg_id=163766597928\u0026cr_id=688766820414\u0026cv_id=0\u0026format=${AD_W


Session ID: 32 | Source IP: 192.168.2.5 | Source Port: 49781 | Destination IP: 142.250.185.226 | Destination Port: 443 | PID: 612 | Process: C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:25 UTC | 1496 | OUT | GET /td/rul/858128210?random=1731360324075&cv=11&fst=1731360324075&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4b70v9103256652za200zb898645365&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102077855&u_w=1280&u_h=1024&url=https%3A%2F%2Fpcapp.store%2F%3Fp%3Dlpd_installing_r2%26guid%3D2ED92742-89DC-DD72-92E8-869FA5A66493%26_fcid%3D1731354202975821%26_winver%3D19045%26version%3Dfa.1092c&hn=www.googleadservices.com&frm=0&tiba=APP%20STORE%3A%20Installing&npa=0&pscdl=noapi&auid=1387167454.1731360324&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dpage_view HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: td.doubleclick.net
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                                                                    X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUX
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: iframe
                                                                                                                                                                                                                                                                                    Referer: https://pcapp.store/
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                    Cookie: test_cookie=CheckForPermission
2024-11-11 21:25:25 UTC | 954 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
                                                                                                                                                                                                                                                                                    Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                    Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:25 GMT
                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                    Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                    Cache-Control: no-cache, must-revalidate
                                                                                                                                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                    X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                    Server: cafe
                                                                                                                                                                                                                                                                                    X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                    Set-Cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
                                                                                                                                                                                                                                                                                    Set-Cookie: IDE=AHWqTUmXyZOFyf7HjscfpnsEKtmZJZKMXmeZt5uPC3u754cKxCGP5nWtsSjZDOUk; expires=Wed, 11-Nov-2026 21:25:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
                                                                                                                                                                                                                                                                                    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                    Accept-Ranges: none
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:25 UTC1378INData Raw: 74 70 73 3a 2f 2f 74 64 73 66 2e 64 6f 75 62 6c 65 63 6c 69 63 6b 2e 6e 65 74 2f 74 64 2f 61 64 66 65 74 63 68 2f 67 64 61 3f 61 64 67 5f 69 64 3d 31 36 33 37 36 36 35 39 37 39 32 38 5c 75 30 30 32 36 63 72 5f 69 64 3d 36 38 38 39 31 37 32 30 33 39 39 38 5c 75 30 30 32 36 63 76 5f 69 64 3d 30 5c 75 30 30 32 36 66 6f 72 6d 61 74 3d 24 7b 41 44 5f 57 49 44 54 48 7d 78 24 7b 41 44 5f 48 45 49 47 48 54 7d 5c 75 30 30 32 36 72 64 73 3d 24 7b 52 45 4e 44 45 52 5f 44 41 54 41 7d 5c 75 30 30 32 36 73 65 61 74 3d 32 5c 75 30 30 32 36 72 70 5f 69 64 3d 72 31 6a 37 39 30 34 37 30 35 36 36 31 21 34 73 2a 32 41 22 2c 22 6d 65 74 61 64 61 74 61 22 3a 5b 22 31 36 33 37 36 36 35 39 37 39 32 38 22 2c 22 36 38 38 39 31 37 32 30 33 39 39 38 22 2c 6e 75 6c 6c 2c 22 32 30 37
                                                                                                                                                                                                                                                                                    Data Ascii: tps://tdsf.doubleclick.net/td/adfetch/gda?adg_id=163766597928\u0026cr_id=688917203998\u0026cv_id=0\u0026format=${AD_WIDTH}x${AD_HEIGHT}\u0026rds=${RENDER_DATA}\u0026seat=2\u0026rp_id=r1j7904705661!4s*2A","metadata":["163766597928","688917203998",null,"207
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:25 UTC1378INData Raw: 41 22 2c 22 6d 65 74 61 64 61 74 61 22 3a 5b 22 31 35 36 37 38 36 34 31 31 32 35 38 22 2c 22 36 38 32 32 33 39 32 33 34 32 31 32 22 2c 6e 75 6c 6c 2c 22 32 30 37 38 38 30 37 39 38 38 37 22 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 22 37 39 30 34 37 30 35 36 36 31 22 5d 2c 22 61 64 52 65 6e 64 65 72 49 64 22 3a 22 35 39 38 76 6b 33 31 76 79 75 55 22 2c 22 62 75 79 65 72 52 65 70 6f 72 74 69 6e 67 49 64 22 3a 22 31 6a 37 39 30 34 37 30 35 36 36 31 21 34 73 2a 32 41 22 7d 2c 7b 22 72 65 6e 64 65 72 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 74 64 73 66 2e 64 6f 75 62 6c 65 63 6c 69 63 6b 2e 6e 65 74 2f 74 64 2f 61 64 66 65 74 63 68 2f 67 64 61 3f 61 64 67 5f 69 64 3d 31 36 33 37 36 36 35 39 37 39 32 38 5c 75
                                                                                                                                                                                                                                                                                    Data Ascii: A","metadata":["156786411258","682239234212",null,"20788079887",null,null,null,null,null,null,"7904705661"],"adRenderId":"598vk31vyuU","buyerReportingId":"1j7904705661!4s*2A"},{"renderUrl":"https://tdsf.doubleclick.net/td/adfetch/gda?adg_id=163766597928\u
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:25 UTC1378INData Raw: 64 73 66 2e 64 6f 75 62 6c 65 63 6c 69 63 6b 2e 6e 65 74 2f 74 64 2f 61 64 66 65 74 63 68 2f 67 64 61 3f 61 64 67 5f 69 64 3d 31 36 33 37 36 36 35 39 37 39 32 38 5c 75 30 30 32 36 63 72 5f 69 64 3d 36 38 38 37 36 36 38 32 30 34 33 32 5c 75 30 30 32 36 63 76 5f 69 64 3d 30 5c 75 30 30 32 36 66 6f 72 6d 61 74 3d 24 7b 41 44 5f 57 49 44 54 48 7d 78 24 7b 41 44 5f 48 45 49 47 48 54 7d 5c 75 30 30 32 36 72 64 73 3d 24 7b 52 45 4e 44 45 52 5f 44 41 54 41 7d 5c 75 30 30 32 36 73 65 61 74 3d 32 5c 75 30 30 32 36 72 70 5f 69 64 3d 72 31 6a 37 39 30 34 32 38 33 38 31 32 21 34 73 2a 32 41 22 2c 22 6d 65 74 61 64 61 74 61 22 3a 5b 22 31 36 33 37 36 36 35 39 37 39 32 38 22 2c 22 36 38 38 37 36 36 38 32 30 34 33 32 22 2c 6e 75 6c 6c 2c 22 32 30 37 38 38 30 37 39 38 38
                                                                                                                                                                                                                                                                                    Data Ascii: dsf.doubleclick.net/td/adfetch/gda?adg_id=163766597928\u0026cr_id=688766820432\u0026cv_id=0\u0026format=${AD_WIDTH}x${AD_HEIGHT}\u0026rds=${RENDER_DATA}\u0026seat=2\u0026rp_id=r1j7904283812!4s*2A","metadata":["163766597928","688766820432",null,"2078807988
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:25 UTC1378INData Raw: 65 74 61 64 61 74 61 22 3a 5b 22 31 36 33 37 36 36 35 39 37 39 32 38 22 2c 22 36 38 38 37 36 36 38 32 30 34 35 33 22 2c 6e 75 6c 6c 2c 22 32 30 37 38 38 30 37 39 38 38 37 22 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 22 37 39 30 34 32 38 33 38 31 32 22 5d 2c 22 61 64 52 65 6e 64 65 72 49 64 22 3a 22 76 68 68 79 4f 6d 63 57 65 65 41 22 2c 22 62 75 79 65 72 52 65 70 6f 72 74 69 6e 67 49 64 22 3a 22 31 6a 37 39 30 34 32 38 33 38 31 32 21 34 73 2a 32 41 22 7d 2c 7b 22 72 65 6e 64 65 72 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 74 64 73 66 2e 64 6f 75 62 6c 65 63 6c 69 63 6b 2e 6e 65 74 2f 74 64 2f 61 64 66 65 74 63 68 2f 67 64 61 3f 61 64 67 5f 69 64 3d 31 36 33 37 36 36 35 39 37 39 32 38 5c 75 30 30 32 36 63
                                                                                                                                                                                                                                                                                    Data Ascii: etadata":["163766597928","688766820453",null,"20788079887",null,null,null,null,null,null,"7904283812"],"adRenderId":"vhhyOmcWeeA","buyerReportingId":"1j7904283812!4s*2A"},{"renderUrl":"https://tdsf.doubleclick.net/td/adfetch/gda?adg_id=163766597928\u0026c
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:25 UTC1378INData Raw: 6f 75 62 6c 65 63 6c 69 63 6b 2e 6e 65 74 2f 74 64 2f 61 64 66 65 74 63 68 2f 67 64 61 3f 61 64 67 5f 69 64 3d 31 35 36 37 38 36 34 31 31 32 35 38 5c 75 30 30 32 36 63 72 5f 69 64 3d 36 38 31 31 36 34 33 32 36 30 36 30 5c 75 30 30 32 36 63 76 5f 69 64 3d 31 5c 75 30 30 32 36 66 6f 72 6d 61 74 3d 24 7b 41 44 5f 57 49 44 54 48 7d 78 24 7b 41 44 5f 48 45 49 47 48 54 7d 5c 75 30 30 32 36 72 64 73 3d 24 7b 52 45 4e 44 45 52 5f 44 41 54 41 7d 5c 75 30 30 32 36 73 65 61 74 3d 32 5c 75 30 30 32 36 72 70 5f 69 64 3d 72 31 6a 37 39 30 34 32 38 33 38 31 32 21 34 73 2a 32 41 22 2c 22 6d 65 74 61 64 61 74 61 22 3a 5b 22 31 35 36 37 38 36 34 31 31 32 35 38 22 2c 22 36 38 31 31 36 34 33 32 36 30 36 30 22 2c 22 31 22 2c 22 32 30 37 38 38 30 37 39 38 38 37 22 2c 6e 75 6c
                                                                                                                                                                                                                                                                                    Data Ascii: oubleclick.net/td/adfetch/gda?adg_id=156786411258\u0026cr_id=681164326060\u0026cv_id=1\u0026format=${AD_WIDTH}x${AD_HEIGHT}\u0026rds=${RENDER_DATA}\u0026seat=2\u0026rp_id=r1j7904283812!4s*2A","metadata":["156786411258","681164326060","1","20788079887",nul
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:25 UTC1378INData Raw: 3a 5b 22 31 36 33 37 36 36 35 39 37 39 32 38 22 2c 22 36 38 38 37 36 36 38 32 30 34 31 31 22 2c 6e 75 6c 6c 2c 22 32 30 37 38 38 30 37 39 38 38 37 22 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 22 35 39 36 30 39 33 32 38 38 22 5d 2c 22 61 64 52 65 6e 64 65 72 49 64 22 3a 22 4f 44 4d 69 75 35 66 71 48 39 59 22 2c 22 62 75 79 65 72 52 65 70 6f 72 74 69 6e 67 49 64 22 3a 22 31 6a 35 39 36 30 39 33 32 38 38 21 34 73 2a 32 41 22 7d 2c 7b 22 72 65 6e 64 65 72 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 74 64 73 66 2e 64 6f 75 62 6c 65 63 6c 69 63 6b 2e 6e 65 74 2f 74 64 2f 61 64 66 65 74 63 68 2f 67 64 61 3f 61 64 67 5f 69 64 3d 31 36 33 37 36 36 35 39 37 39 32 38 5c 75 30 30 32 36 63 72 5f 69 64 3d 36 38 38 37 36
                                                                                                                                                                                                                                                                                    Data Ascii: :["163766597928","688766820411",null,"20788079887",null,null,null,null,null,null,"596093288"],"adRenderId":"ODMiu5fqH9Y","buyerReportingId":"1j596093288!4s*2A"},{"renderUrl":"https://tdsf.doubleclick.net/td/adfetch/gda?adg_id=163766597928\u0026cr_id=68876


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
33 | 192.168.2.5 | 49783 | 142.250.185.226 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:25 UTC | 1550 | OUT | GET /td/rul/858128210?random=1731360324107&cv=11&fst=1731360324107&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4b70v9103256652za200zb898645365&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102077855&u_w=1280&u_h=1024&url=https%3A%2F%2Fpcapp.store%2F%3Fp%3Dlpd_installing_r2%26guid%3D2ED92742-89DC-DD72-92E8-869FA5A66493%26_fcid%3D1731354202975821%26_winver%3D19045%26version%3Dfa.1092c&label=kTaFCIuq0YYZENL-l5kD&hn=www.googleadservices.com&frm=0&tiba=APP%20STORE%3A%20Installing&value=1&currency_code=USD&npa=0&pscdl=noapi&auid=1387167454.1731360324&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dconversion HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: td.doubleclick.net
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                                                                    X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUX
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: iframe
                                                                                                                                                                                                                                                                                    Referer: https://pcapp.store/
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                    Cookie: test_cookie=CheckForPermission
2024-11-11 21:25:25 UTC | 954 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
                                                                                                                                                                                                                                                                                    Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                    Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:25 GMT
                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                    Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                    Cache-Control: no-cache, must-revalidate
                                                                                                                                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                    X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                    Server: cafe
                                                                                                                                                                                                                                                                                    X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                    Set-Cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
                                                                                                                                                                                                                                                                                    Set-Cookie: IDE=AHWqTUmwFLVj4A8PZd5lknjAwBQJA0wSVNNsi5x8xtTJ11fCK86bYlDQEhMJvjZt; expires=Wed, 11-Nov-2026 21:25:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
                                                                                                                                                                                                                                                                                    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                    Accept-Ranges: none
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:25 UTC1378INData Raw: 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 74 64 73 66 2e 64 6f 75 62 6c 65 63 6c 69 63 6b 2e 6e 65 74 2f 74 64 2f 61 64 66 65 74 63 68 2f 67 64 61 3f 61 64 67 5f 69 64 3d 31 36 33 37 36 36 35 39 37 39 32 38 5c 75 30 30 32 36 63 72 5f 69 64 3d 36 38 38 37 36 36 38 32 30 34 33 32 5c 75 30 30 32 36 63 76 5f 69 64 3d 30 5c 75 30 30 32 36 66 6f 72 6d 61 74 3d 24 7b 41 44 5f 57 49 44 54 48 7d 78 24 7b 41 44 5f 48 45 49 47 48 54 7d 5c 75 30 30 32 36 72 64 73 3d 24 7b 52 45 4e 44 45 52 5f 44 41 54 41 7d 5c 75 30 30 32 36 73 65 61 74 3d 32 5c 75 30 30 32 36 72 70 5f 69 64 3d 72 31 6a 37 39 30 34 32 38 33 38 31 32 21 34 73 2a 32 41 22 2c 22 6d 65 74 61 64 61 74 61 22 3a 5b 22 31 36 33 37 36 36 35 39 37 39 32 38 22 2c 22 36 38 38 37 36 36 38 32 30 34 33 32 22 2c 6e 75
                                                                                                                                                                                                                                                                                    Data Ascii: rl":"https://tdsf.doubleclick.net/td/adfetch/gda?adg_id=163766597928\u0026cr_id=688766820432\u0026cv_id=0\u0026format=${AD_WIDTH}x${AD_HEIGHT}\u0026rds=${RENDER_DATA}\u0026seat=2\u0026rp_id=r1j7904283812!4s*2A","metadata":["163766597928","688766820432",nu
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:25 UTC1378INData Raw: 33 38 31 32 21 34 73 2a 32 41 22 2c 22 6d 65 74 61 64 61 74 61 22 3a 5b 22 31 36 33 37 36 36 35 39 37 39 32 38 22 2c 22 36 38 38 37 36 36 38 32 30 34 35 33 22 2c 6e 75 6c 6c 2c 22 32 30 37 38 38 30 37 39 38 38 37 22 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 22 37 39 30 34 32 38 33 38 31 32 22 5d 2c 22 61 64 52 65 6e 64 65 72 49 64 22 3a 22 76 68 68 79 4f 6d 63 57 65 65 41 22 2c 22 62 75 79 65 72 52 65 70 6f 72 74 69 6e 67 49 64 22 3a 22 31 6a 37 39 30 34 32 38 33 38 31 32 21 34 73 2a 32 41 22 7d 2c 7b 22 72 65 6e 64 65 72 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 74 64 73 66 2e 64 6f 75 62 6c 65 63 6c 69 63 6b 2e 6e 65 74 2f 74 64 2f 61 64 66 65 74 63 68 2f 67 64 61 3f 61 64 67 5f 69 64 3d 31 36 33 37 36
                                                                                                                                                                                                                                                                                    Data Ascii: 3812!4s*2A","metadata":["163766597928","688766820453",null,"20788079887",null,null,null,null,null,null,"7904283812"],"adRenderId":"vhhyOmcWeeA","buyerReportingId":"1j7904283812!4s*2A"},{"renderUrl":"https://tdsf.doubleclick.net/td/adfetch/gda?adg_id=16376
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:25 UTC1378INData Raw: 68 74 74 70 73 3a 2f 2f 74 64 73 66 2e 64 6f 75 62 6c 65 63 6c 69 63 6b 2e 6e 65 74 2f 74 64 2f 61 64 66 65 74 63 68 2f 67 64 61 3f 61 64 67 5f 69 64 3d 31 35 36 37 38 36 34 31 31 32 35 38 5c 75 30 30 32 36 63 72 5f 69 64 3d 36 38 31 31 36 34 33 32 36 30 36 30 5c 75 30 30 32 36 63 76 5f 69 64 3d 31 5c 75 30 30 32 36 66 6f 72 6d 61 74 3d 24 7b 41 44 5f 57 49 44 54 48 7d 78 24 7b 41 44 5f 48 45 49 47 48 54 7d 5c 75 30 30 32 36 72 64 73 3d 24 7b 52 45 4e 44 45 52 5f 44 41 54 41 7d 5c 75 30 30 32 36 73 65 61 74 3d 32 5c 75 30 30 32 36 72 70 5f 69 64 3d 72 31 6a 37 39 30 34 32 38 33 38 31 32 21 34 73 2a 32 41 22 2c 22 6d 65 74 61 64 61 74 61 22 3a 5b 22 31 35 36 37 38 36 34 31 31 32 35 38 22 2c 22 36 38 31 31 36 34 33 32 36 30 36 30 22 2c 22 31 22 2c 22 32 30
                                                                                                                                                                                                                                                                                    Data Ascii: https://tdsf.doubleclick.net/td/adfetch/gda?adg_id=156786411258\u0026cr_id=681164326060\u0026cv_id=1\u0026format=${AD_WIDTH}x${AD_HEIGHT}\u0026rds=${RENDER_DATA}\u0026seat=2\u0026rp_id=r1j7904283812!4s*2A","metadata":["156786411258","681164326060","1","20
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:25 UTC1378INData Raw: 32 41 22 2c 22 6d 65 74 61 64 61 74 61 22 3a 5b 22 31 36 33 37 36 36 35 39 37 39 32 38 22 2c 22 36 38 38 37 36 36 38 32 30 34 31 31 22 2c 6e 75 6c 6c 2c 22 32 30 37 38 38 30 37 39 38 38 37 22 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 6e 75 6c 6c 2c 22 34 37 35 38 31 36 31 36 35 22 5d 2c 22 61 64 52 65 6e 64 65 72 49 64 22 3a 22 49 35 68 70 6a 63 30 6f 68 61 51 22 2c 22 62 75 79 65 72 52 65 70 6f 72 74 69 6e 67 49 64 22 3a 22 31 6a 34 37 35 38 31 36 31 36 35 21 34 73 2a 32 41 22 7d 2c 7b 22 72 65 6e 64 65 72 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 74 64 73 66 2e 64 6f 75 62 6c 65 63 6c 69 63 6b 2e 6e 65 74 2f 74 64 2f 61 64 66 65 74 63 68 2f 67 64 61 3f 61 64 67 5f 69 64 3d 31 36 33 37 36 36 35 39 37 39 32 38 5c 75 30
                                                                                                                                                                                                                                                                                    Data Ascii: 2A","metadata":["163766597928","688766820411",null,"20788079887",null,null,null,null,null,null,"475816165"],"adRenderId":"I5hpjc0ohaQ","buyerReportingId":"1j475816165!4s*2A"},{"renderUrl":"https://tdsf.doubleclick.net/td/adfetch/gda?adg_id=163766597928\u0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
34 | 192.168.2.5 | 49789 | 142.250.185.194 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:25 UTC | 1426 | OUT | GET /pagead/viewthroughconversion/858128210/?random=1731360324107&cv=11&fst=1731360324107&bg=ffffff&guid=ON&async=1&gtm=45be4b70v9103256652za200zb898645365&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102077855&u_w=1280&u_h=1024&url=https%3A%2F%2Fpcapp.store%2F%3Fp%3Dlpd_installing_r2%26guid%3D2ED92742-89DC-DD72-92E8-869FA5A66493%26_fcid%3D1731354202975821%26_winver%3D19045%26version%3Dfa.1092c&label=kTaFCIuq0YYZENL-l5kD&hn=www.googleadservices.com&frm=0&tiba=APP%20STORE%3A%20Installing&value=1&currency_code=USD&npa=0&pscdl=noapi&auid=1387167454.1731360324&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dconversion&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUX
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://pcapp.store/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: test_cookie=CheckForPermission

2024-11-11 21:25:25 UTC | 1011 | IN | HTTP/1.1 200 OK
P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Timing-Allow-Origin: *
Cross-Origin-Resource-Policy: cross-origin
Date: Mon, 11 Nov 2024 21:25:25 GMT
Pragma: no-cache
Expires: Fri, 01 Jan 1990 00:00:00 GMT
Cache-Control: no-cache, must-revalidate
Content-Type: text/javascript; charset=UTF-8
X-Content-Type-Options: nosniff
Content-Disposition: attachment; filename="f.txt"
Server: cafe
X-XSS-Protection: 0
Set-Cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
Set-Cookie: IDE=AHWqTUmj4f8fw-7FwgYOUCeLwcOBOTOfEot7hXEyk20wA-6pQfqs04TnSycLi7vy; expires=Wed, 11-Nov-2026 21:25:25 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Accept-Ranges: none
Vary: Accept-Encoding
Connection: close
Transfer-Encoding: chunked


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
35 | 192.168.2.5 | 49792 | 172.217.18.100 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:27 UTC | 1532 | OUT | GET /pagead/1p-user-list/858128210/?random=1731360324107&cv=11&fst=1731358800000&bg=ffffff&guid=ON&async=1&gtm=45be4b70v9103256652za200zb898645365&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102077855&u_w=1280&u_h=1024&url=https%3A%2F%2Fpcapp.store%2F%3Fp%3Dlpd_installing_r2%26guid%3D2ED92742-89DC-DD72-92E8-869FA5A66493%26_fcid%3D1731354202975821%26_winver%3D19045%26version%3Dfa.1092c&label=kTaFCIuq0YYZENL-l5kD&hn=www.googleadservices.com&frm=0&tiba=APP%20STORE%3A%20Installing&value=1&currency_code=USD&npa=0&pscdl=noapi&auid=1387167454.1731360324&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dconversion&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dteZIq5rAGF2SefPY-6KRy6GvqPBrE6svoIJiy1S0v8GJIpzm&random=4063220661&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
Connection: keep-alive
sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                    X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUX
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: cross-site
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                    Referer: https://pcapp.store/
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
2024-11-11 21:25:27 UTC | 602 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
                                                                                                                                                                                                                                                                                    Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                    Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:27 GMT
                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                    Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                    Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                    Content-Type: image/gif
                                                                                                                                                                                                                                                                                    Content-Security-Policy: script-src 'none'; object-src 'none'
                                                                                                                                                                                                                                                                                    X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                    Server: cafe
                                                                                                                                                                                                                                                                                    Content-Length: 42
                                                                                                                                                                                                                                                                                    X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                    Connection: close
2024-11-11 21:25:27 UTC | 42 | IN | Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                    Data Ascii: GIF89a!,D;


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
36 | 192.168.2.5 | 49793 | 184.28.90.27 | 443 | |
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:27 UTC | 161 | OUT | HEAD /fs/windows/config.json HTTP/1.1
                                                                                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Accept-Encoding: identity
                                                                                                                                                                                                                                                                                    User-Agent: Microsoft BITS/7.8
                                                                                                                                                                                                                                                                                    Host: fs.microsoft.com
2024-11-11 21:25:28 UTC | 467 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                                                                                                                                                                                                                                                    Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                    ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                                                                                                                                                                                                                                                    Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                                                                                                                                                                                                                                                    Server: ECAcc (lpl/EF45)
                                                                                                                                                                                                                                                                                    X-CID: 11
                                                                                                                                                                                                                                                                                    X-Ms-ApiVersion: Distribute 1.2
                                                                                                                                                                                                                                                                                    X-Ms-Region: prod-weu-z1
                                                                                                                                                                                                                                                                                    Cache-Control: public, max-age=242415
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:27 GMT
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    X-CID: 2


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
37 | 192.168.2.5 | 49797 | 167.99.235.203 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:27 UTC | 907 | OUT | GET /lp/appstore/img/favicon.ico HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                    Referer: https://pcapp.store/?p=lpd_installing_r2&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&_fcid=1731354202975821&_winver=19045&version=fa.1092c
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                    Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323; _gcl_au=1.1.1387167454.1731360324
2024-11-11 21:25:28 UTC | 307 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:28 GMT
                                                                                                                                                                                                                                                                                    Content-Type: image/x-icon
                                                                                                                                                                                                                                                                                    Content-Length: 4286
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
38 | 192.168.2.5 | 49801 | 167.99.235.203 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:28 UTC | 923 | OUT | POST /api/api.php HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    Content-Length: 96
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    Content-Type: application/json;charset=UTF-8
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Origin: https://pcapp.store
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                    Referer: https://pcapp.store/?p=lpd_installing_r2&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&_fcid=1731354202975821&_winver=19045&version=fa.1092c
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                    Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323; _gcl_au=1.1.1387167454.1731360324
2024-11-11 21:25:28 UTC | 96 | OUT | Data Raw: 7b 22 63 22 3a 22 66 72 6f 6e 74 2f 69 6e 73 74 61 6c 6c 69 6e 67 22 2c 22 61 22 3a 22 69 6e 73 74 61 6c 6c 53 74 61 74 75 73 22 2c 22 70 22 3a 7b 22 67 75 69 64 22 3a 22 32 45 44 39 32 37 34 32 2d 38 39 44 43 2d 44 44 37 32 2d 39 32 45 38 2d 38 36 39 46 41 35 41 36 36 34 39 33 22 7d 7d
                                                                                                                                                                                                                                                                                    Data Ascii: {"c":"front/installing","a":"installStatus","p":{"guid":"2ED92742-89DC-DD72-92E8-869FA5A66493"}}
2024-11-11 21:25:28 UTC | 551 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:28 GMT
                                                                                                                                                                                                                                                                                    Content-Type: application/json
                                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Origin: https://pcapp.store
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:25:28 UTC | 44 | IN | Data Raw: 32 31 0d 0a 7b 22 73 74 61 74 65 22 3a 22 6f 6b 22 2c 22 72 65 73 75 6c 74 22 3a 22 6e 6f 20 69 6e 66 6f 22 7d 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                    Data Ascii: 21{"state":"ok","result":"no info"}0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
39 | 192.168.2.5 | 49799 | 142.250.181.226 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:28 UTC | 1293 | OUT | GET /pagead/viewthroughconversion/858128210/?random=1731360324107&cv=11&fst=1731360324107&bg=ffffff&guid=ON&async=1&gtm=45be4b70v9103256652za200zb898645365&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102077855&u_w=1280&u_h=1024&url=https%3A%2F%2Fpcapp.store%2F%3Fp%3Dlpd_installing_r2%26guid%3D2ED92742-89DC-DD72-92E8-869FA5A66493%26_fcid%3D1731354202975821%26_winver%3D19045%26version%3Dfa.1092c&label=kTaFCIuq0YYZENL-l5kD&hn=www.googleadservices.com&frm=0&tiba=APP%20STORE%3A%20Installing&value=1&currency_code=USD&npa=0&pscdl=noapi&auid=1387167454.1731360324&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dconversion&rfmt=3&fmt=4 HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: googleads.g.doubleclick.net
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUX
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                    Cookie: IDE=AHWqTUmj4f8fw-7FwgYOUCeLwcOBOTOfEot7hXEyk20wA-6pQfqs04TnSycLi7vy
2024-11-11 21:25:28 UTC | 703 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    P3P: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
                                                                                                                                                                                                                                                                                    Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                    Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:28 GMT
                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                    Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                    Cache-Control: no-cache, must-revalidate
                                                                                                                                                                                                                                                                                    Content-Type: text/javascript; charset=UTF-8
                                                                                                                                                                                                                                                                                    X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                    Content-Disposition: attachment; filename="f.txt"
                                                                                                                                                                                                                                                                                    Server: cafe
                                                                                                                                                                                                                                                                                    X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                    Accept-Ranges: none
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
40 | 192.168.2.5 | 49800 | 216.58.212.132 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:28 UTC | 1301 | OUT | GET /pagead/1p-user-list/858128210/?random=1731360324107&cv=11&fst=1731358800000&bg=ffffff&guid=ON&async=1&gtm=45be4b70v9103256652za200zb898645365&gcd=13l3l3l3l1l1&dma=0&tag_exp=101823848~101925629~102077855&u_w=1280&u_h=1024&url=https%3A%2F%2Fpcapp.store%2F%3Fp%3Dlpd_installing_r2%26guid%3D2ED92742-89DC-DD72-92E8-869FA5A66493%26_fcid%3D1731354202975821%26_winver%3D19045%26version%3Dfa.1092c&label=kTaFCIuq0YYZENL-l5kD&hn=www.googleadservices.com&frm=0&tiba=APP%20STORE%3A%20Installing&value=1&currency_code=USD&npa=0&pscdl=noapi&auid=1387167454.1731360324&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B117.0.5938.132%7CNot%253BA%253DBrand%3B8.0.0.0%7CChromium%3B117.0.5938.132&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&fledge=1&data=event%3Dconversion&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dteZIq5rAGF2SefPY-6KRy6GvqPBrE6svoIJiy1S0v8GJIpzm&random=4063220661&rmt_tld=0&ipr=y HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: www.google.com
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    X-Client-Data: CIe2yQEIprbJAQipncoBCMDdygEIk6HLAQiFoM0BCOnFzQEIucrNAQiK080BGI/OzQEYwtjNARjrjaUX
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
2024-11-11 21:25:28 UTC | 602 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    P3P: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
                                                                                                                                                                                                                                                                                    Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                    Cross-Origin-Resource-Policy: cross-origin
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:28 GMT
                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                    Expires: Fri, 01 Jan 1990 00:00:00 GMT
                                                                                                                                                                                                                                                                                    Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                    Content-Type: image/gif
                                                                                                                                                                                                                                                                                    Content-Security-Policy: script-src 'none'; object-src 'none'
                                                                                                                                                                                                                                                                                    X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                    Server: cafe
                                                                                                                                                                                                                                                                                    Content-Length: 42
                                                                                                                                                                                                                                                                                    X-XSS-Protection: 0
                                                                                                                                                                                                                                                                                    Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                    Connection: close
2024-11-11 21:25:28 UTC | 42 | IN | Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                    Data Ascii: GIF89a!,D;


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
41 | 192.168.2.5 | 49802 | 209.222.21.115 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:28 UTC | 559 | OUT | GET /lp/appstore/img/favicon.ico HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                    Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323; _gcl_au=1.1.1387167454.1731360324
2024-11-11 21:25:28 UTC | 307 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:28 GMT
                                                                                                                                                                                                                                                                                    Content-Type: image/x-icon
                                                                                                                                                                                                                                                                                    Content-Length: 4286
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:25:28 UTC | 4286 | IN | Data Raw: [4286-byte image/x-icon body omitted]


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
42 | 192.168.2.5 | 49803 | 184.28.90.27 | 443 | |
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:28 UTC | 239 | OUT | GET /fs/windows/config.json HTTP/1.1
                                                                                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Accept-Encoding: identity
                                                                                                                                                                                                                                                                                    If-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMT
                                                                                                                                                                                                                                                                                    Range: bytes=0-2147483646
                                                                                                                                                                                                                                                                                    User-Agent: Microsoft BITS/7.8
                                                                                                                                                                                                                                                                                    Host: fs.microsoft.com
2024-11-11 21:25:28 UTC | 515 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    ApiVersion: Distribute 1.1
                                                                                                                                                                                                                                                                                    Content-Disposition: attachment; filename=config.json; filename*=UTF-8''config.json
                                                                                                                                                                                                                                                                                    Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                    ETag: "0x64667F707FF07D62B733DBCB79EFE3855E6886C9975B0C0B467D46231B3FA5E7"
                                                                                                                                                                                                                                                                                    Last-Modified: Tue, 16 May 2017 22:58:00 GMT
                                                                                                                                                                                                                                                                                    Server: ECAcc (lpl/EF06)
                                                                                                                                                                                                                                                                                    X-CID: 11
                                                                                                                                                                                                                                                                                    X-Ms-ApiVersion: Distribute 1.2
                                                                                                                                                                                                                                                                                    X-Ms-Region: prod-weu-z1
                                                                                                                                                                                                                                                                                    Cache-Control: public, max-age=242377
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:28 GMT
                                                                                                                                                                                                                                                                                    Content-Length: 55
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    X-CID: 2
2024-11-11 21:25:28 UTC | 55 | IN | Data Raw: 7b 22 66 6f 6e 74 53 65 74 55 72 69 22 3a 22 66 6f 6e 74 73 65 74 2d 32 30 31 37 2d 30 34 2e 6a 73 6f 6e 22 2c 22 62 61 73 65 55 72 69 22 3a 22 66 6f 6e 74 73 22 7d
                                                                                                                                                                                                                                                                                    Data Ascii: {"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
43 | 192.168.2.5 | 49804 | 209.222.21.115 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:28 UTC | 543 | OUT | GET /api/api.php HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                    Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323; _gcl_au=1.1.1387167454.1731360324
2024-11-11 21:25:28 UTC | 211 | IN | HTTP/1.1 404 Not Found
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:28 GMT
                                                                                                                                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
2024-11-11 21:25:28 UTC | 5 | IN | Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                    Data Ascii: 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
44 | 192.168.2.5 | 49805 | 4.175.87.197 | 443 | |
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:32 UTC | 306 | OUT | GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=PlOGAW5Sm14mgv2&MD=U4rZXPB7 HTTP/1.1
                                                                                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
                                                                                                                                                                                                                                                                                    Host: slscr.update.microsoft.com
2024-11-11 21:25:32 UTC | 560 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                    Pragma: no-cache
                                                                                                                                                                                                                                                                                    Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                    Expires: -1
                                                                                                                                                                                                                                                                                    Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
                                                                                                                                                                                                                                                                                    ETag: "XAopazV00XDWnJCwkmEWRv6JkbjRA9QSSZ2+e/3MzEk=_2880"
                                                                                                                                                                                                                                                                                    MS-CorrelationId: 16a47cf3-bc79-42ac-b7ee-edc1f9f2718a
                                                                                                                                                                                                                                                                                    MS-RequestId: d8aac107-9c62-4a57-b593-3fa679194845
                                                                                                                                                                                                                                                                                    MS-CV: vy5sW4di7UGMYGTE.0
                                                                                                                                                                                                                                                                                    X-Microsoft-SLSClientCache: 2880
                                                                                                                                                                                                                                                                                    Content-Disposition: attachment; filename=environment.cab
                                                                                                                                                                                                                                                                                    X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:32 GMT
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Content-Length: 24490


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
45 | 192.168.2.5 | 49808 | 167.99.235.203 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:33 UTC | 923 | OUT | POST /api/api.php HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    Content-Length: 96
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    Content-Type: application/json;charset=UTF-8
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Origin: https://pcapp.store
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                    Referer: https://pcapp.store/?p=lpd_installing_r2&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&_fcid=1731354202975821&_winver=19045&version=fa.1092c
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                    Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323; _gcl_au=1.1.1387167454.1731360324
2024-11-11 21:25:33 UTC | 96 | OUT | Data Raw: 7b 22 63 22 3a 22 66 72 6f 6e 74 2f 69 6e 73 74 61 6c 6c 69 6e 67 22 2c 22 61 22 3a 22 69 6e 73 74 61 6c 6c 53 74 61 74 75 73 22 2c 22 70 22 3a 7b 22 67 75 69 64 22 3a 22 32 45 44 39 32 37 34 32 2d 38 39 44 43 2d 44 44 37 32 2d 39 32 45 38 2d 38 36 39 46 41 35 41 36 36 34 39 33 22 7d 7d
                                                                                                                                                                                                                                                                                    Data Ascii: {"c":"front/installing","a":"installStatus","p":{"guid":"2ED92742-89DC-DD72-92E8-869FA5A66493"}}
2024-11-11 21:25:33 UTC | 551 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:33 GMT
                                                                                                                                                                                                                                                                                    Content-Type: application/json
                                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Origin: https://pcapp.store
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:25:33 UTC | 44 | IN | Data Raw: 32 31 0d 0a 7b 22 73 74 61 74 65 22 3a 22 6f 6b 22 2c 22 72 65 73 75 6c 74 22 3a 22 6e 6f 20 69 6e 66 6f 22 7d 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                    Data Ascii: 21{"state":"ok","result":"no info"}0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
46 | 192.168.2.5 | 49811 | 167.99.235.203 | 443 | 3688 | C:\Users\user\Desktop\Setup.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:33 UTC | 306 | OUT | GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_mini_installer&evt_action=download_done&result=12345678-1234-5678-90AB-CDDEEFAABBCC&_fcid=1731354202975821 HTTP/1.1
                                                                                                                                                                                                                                                                                    User-Agent: NSIS_Inetc (Mozilla)
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
2024-11-11 21:25:33 UTC | 302 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:33 GMT
                                                                                                                                                                                                                                                                                    Content-Type: image/gif
                                                                                                                                                                                                                                                                                    Content-Length: 42
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:25:33 UTC | 42 | IN | Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                    Data Ascii: GIF89a!,D;


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
47 | 192.168.2.5 | 49812 | 209.222.21.115 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:33 UTC | 543 | OUT | GET /api/api.php HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                    Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323; _gcl_au=1.1.1387167454.1731360324
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:33 UTC211INHTTP/1.1 404 Not Found
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:33 GMT
                                                                                                                                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:33 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                    Data Ascii: 0


                                                                                                                                                                                                                                                                                    Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                                                                    48 | 192.168.2.5 | 49815 | 23.1.237.91 | 443
                                                                                                                                                                                                                                                                                    Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:34 UTC | 1961 | OUT | POST /threshold/xls.aspx HTTP/1.1
                                                                                                                                                                                                                                                                                    Origin: https://www.bing.com
                                                                                                                                                                                                                                                                                    Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Accept-Language: en-CH
                                                                                                                                                                                                                                                                                    Content-type: text/xml
                                                                                                                                                                                                                                                                                    X-Agent-DeviceId: 01000A410900D492
                                                                                                                                                                                                                                                                                    X-BM-CBT: 1696428841
                                                                                                                                                                                                                                                                                    X-BM-DateFormat: dd/MM/yyyy
                                                                                                                                                                                                                                                                                    X-BM-DeviceDimensions: 784x984
                                                                                                                                                                                                                                                                                    X-BM-DeviceDimensionsLogical: 784x984
                                                                                                                                                                                                                                                                                    X-BM-DeviceScale: 100
                                                                                                                                                                                                                                                                                    X-BM-DTZ: 120
                                                                                                                                                                                                                                                                                    X-BM-Market: CH
                                                                                                                                                                                                                                                                                    X-BM-Theme: 000000;0078d7
                                                                                                                                                                                                                                                                                    X-BM-WindowsFlights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E
                                                                                                                                                                                                                                                                                    X-Device-ClientSession: DB0AFB19004F47BC80E5208C7478FF22
                                                                                                                                                                                                                                                                                    X-Device-isOptin: false
                                                                                                                                                                                                                                                                                    X-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}
                                                                                                                                                                                                                                                                                    X-Device-OSSKU: 48
                                                                                                                                                                                                                                                                                    X-Device-Touch: false
                                                                                                                                                                                                                                                                                    X-DeviceID: 01000A410900D492
                                                                                                                                                                                                                                                                                    X-MSEdge-ExternalExp: d-thshld39,d-thshld42,d-thshld77,d-thshld78,staticsh
                                                                                                                                                                                                                                                                                    X-MSEdge-ExternalExpType: JointCoord
                                                                                                                                                                                                                                                                                    X-PositionerType: Desktop
                                                                                                                                                                                                                                                                                    X-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI
                                                                                                                                                                                                                                                                                    X-Search-CortanaAvailableCapabilities: None
                                                                                                                                                                                                                                                                                    X-Search-SafeSearch: Moderate
                                                                                                                                                                                                                                                                                    X-Search-TimeZone: Bias=-60; DaylightBias=-60; TimeZoneKeyName=W. Europe Standard Time
                                                                                                                                                                                                                                                                                    X-UserAgeClass: Unknown
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                                    Host: www.bing.com
                                                                                                                                                                                                                                                                                    Content-Length: 2484
                                                                                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                    Cookie: MUID=2F4E96DB8B7049E59AD4484C3C00F7CF; _SS=SID=1A6DEABB468B65843EB5F91B47916435&CPID=1731360301006&AC=1&CPH=d1a4eb75; _EDGE_S=SID=1A6DEABB468B65843EB5F91B47916435; SRCHHPGUSR=SRCHLANG=en&IPMH=986d886c&IPMID=1696428841029&HV=1696428756
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:34 UTC1OUTData Raw: 3c
                                                                                                                                                                                                                                                                                    Data Ascii: <
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:34 UTC2483OUTData Raw: 43 6c 69 65 6e 74 49 6e 73 74 52 65 71 75 65 73 74 3e 3c 43 49 44 3e 33 36 34 34 46 44 37 34 44 46 31 36 36 31 38 46 30 38 46 37 45 43 30 33 44 45 35 35 36 30 30 31 3c 2f 43 49 44 3e 3c 45 76 65 6e 74 73 3e 3c 45 3e 3c 54 3e 45 76 65 6e 74 2e 43 6c 69 65 6e 74 49 6e 73 74 3c 2f 54 3e 3c 49 47 3e 37 35 32 32 38 31 35 36 37 30 33 41 34 30 44 35 42 39 37 45 35 41 36 38 33 36 46 32 41 31 43 45 3c 2f 49 47 3e 3c 44 3e 3c 21 5b 43 44 41 54 41 5b 7b 22 43 75 72 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 62 69 6e 67 2e 63 6f 6d 2f 41 53 2f 41 50 49 2f 57 69 6e 64 6f 77 73 43 6f 72 74 61 6e 61 50 61 6e 65 2f 56 32 2f 49 6e 69 74 22 2c 22 50 69 76 6f 74 22 3a 22 51 46 22 2c 22 54 22 3a 22 43 49 2e 42 6f 78 4d 6f 64 65 6c 22 2c 22 46 49 44 22 3a 22 43 49
                                                                                                                                                                                                                                                                                    Data Ascii: ClientInstRequest><CID>3644FD74DF16618F08F7EC03DE556001</CID><Events><E><T>Event.ClientInst</T><IG>75228156703A40D5B97E5A6836F2A1CE</IG><D><![CDATA[{"CurUrl":"https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init","Pivot":"QF","T":"CI.BoxModel","FID":"CI
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:34 UTC478INHTTP/1.1 204 No Content
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                    Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                                                                                                                                                                                    X-MSEdge-Ref: Ref A: 8E629A33198445AEA06690E3701B08B3 Ref B: LAX311000109017 Ref C: 2024-11-11T21:25:34Z
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:34 GMT
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Alt-Svc: h3=":443"; ma=93600
                                                                                                                                                                                                                                                                                    X-CDN-TraceID: 0.56ed0117.1731360334.65a1f4


                                                                                                                                                                                                                                                                                    Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                                                                    49 | 192.168.2.5 | 49816 | 167.99.235.203 | 443 | 3688 | C:\Users\user\Desktop\Setup.exe
                                                                                                                                                                                                                                                                                    Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:34 UTC | 253 | OUT | GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_mini_installer&evt_action=done&_fcid=1731354202975821 HTTP/1.1
                                                                                                                                                                                                                                                                                    User-Agent: NSIS_Inetc (Mozilla)
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:34 UTC302INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:34 GMT
                                                                                                                                                                                                                                                                                    Content-Type: image/gif
                                                                                                                                                                                                                                                                                    Content-Length: 42
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:34 UTC42INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                    Data Ascii: GIF89a!,D;


                                                                                                                                                                                                                                                                                    Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
                                                                                                                                                                                                                                                                                    50 | 192.168.2.5 | 49817 | 167.99.235.203 | 443 | 7436 | C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
                                                                                                                                                                                                                                                                                    Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:37 UTC | 245 | OUT | GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_installer&evt_action=internal&prev_v=fa.1092c HTTP/1.1
                                                                                                                                                                                                                                                                                    User-Agent: NSIS_Inetc (Mozilla)
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:37 UTC302INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:37 GMT
                                                                                                                                                                                                                                                                                    Content-Type: image/gif
                                                                                                                                                                                                                                                                                    Content-Length: 42
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:37 UTC42INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                    Data Ascii: GIF89a!,D;


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
51 | 192.168.2.5 | 49818 | 167.99.235.203 | 443 | 7436 | C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp

Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:37 UTC | 237 | OUT | GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_installer&evt_action=start&permision= HTTP/1.1
User-Agent: NSIS_Inetc (Mozilla)
Host: pcapp.store
Connection: Keep-Alive
Cache-Control: no-cache
2024-11-11 21:25:37 UTC | 302 | IN | HTTP/1.1 200 OK
Server: nginx
Date: Mon, 11 Nov 2024 21:25:37 GMT
Content-Type: image/gif
Content-Length: 42
Connection: close
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:25:37 UTC | 42 | IN | Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
Data Ascii: GIF89a!,D;


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
52 | 192.168.2.5 | 49819 | 167.99.235.203 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:38 UTC | 923 | OUT | POST /api/api.php HTTP/1.1
Host: pcapp.store
Connection: keep-alive
Content-Length: 96
sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: */*
Origin: https://pcapp.store
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://pcapp.store/?p=lpd_installing_r2&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&_fcid=1731354202975821&_winver=19045&version=fa.1092c
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323; _gcl_au=1.1.1387167454.1731360324
2024-11-11 21:25:38 UTC | 96 | OUT | Data Raw: 7b 22 63 22 3a 22 66 72 6f 6e 74 2f 69 6e 73 74 61 6c 6c 69 6e 67 22 2c 22 61 22 3a 22 69 6e 73 74 61 6c 6c 53 74 61 74 75 73 22 2c 22 70 22 3a 7b 22 67 75 69 64 22 3a 22 32 45 44 39 32 37 34 32 2d 38 39 44 43 2d 44 44 37 32 2d 39 32 45 38 2d 38 36 39 46 41 35 41 36 36 34 39 33 22 7d 7d
Data Ascii: {"c":"front/installing","a":"installStatus","p":{"guid":"2ED92742-89DC-DD72-92E8-869FA5A66493"}}
2024-11-11 21:25:38 UTC | 551 | IN | HTTP/1.1 200 OK
Server: nginx
Date: Mon, 11 Nov 2024 21:25:38 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
Vary: Accept-Encoding
Access-Control-Allow-Origin: https://pcapp.store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:25:38 UTC | 44 | IN | Data Raw: 32 31 0d 0a 7b 22 73 74 61 74 65 22 3a 22 6f 6b 22 2c 22 72 65 73 75 6c 74 22 3a 22 6e 6f 20 69 6e 66 6f 22 7d 0d 0a 30 0d 0a 0d 0a
Data Ascii: 21{"state":"ok","result":"no info"}0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
53 | 192.168.2.5 | 49820 | 167.99.235.203 | 443 | 7436 | C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp

Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:38 UTC | 275 | OUT | GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_installer&evt_action=installing&e=03000200-0400-0500-0006-000700080009&u=67 HTTP/1.1
User-Agent: NSIS_Inetc (Mozilla)
Host: pcapp.store
Connection: Keep-Alive
Cache-Control: no-cache
2024-11-11 21:25:38 UTC | 302 | IN | HTTP/1.1 200 OK
Server: nginx
Date: Mon, 11 Nov 2024 21:25:38 GMT
Content-Type: image/gif
Content-Length: 42
Connection: close
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:25:38 UTC | 42 | IN | Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
Data Ascii: GIF89a!,D;


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
54 | 192.168.2.5 | 49821 | 209.222.21.115 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe

Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:38 UTC | 543 | OUT | GET /api/api.php HTTP/1.1
Host: pcapp.store
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
Accept: */*
Sec-Fetch-Site: none
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323; _gcl_au=1.1.1387167454.1731360324
2024-11-11 21:25:38 UTC | 211 | IN | HTTP/1.1 404 Not Found
Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:38 GMT
                                                                                                                                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:38 UTC5INData Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                    Data Ascii: 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
55 | 192.168.2.5 | 49822 | 167.99.235.203 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:43 UTC | 923 | OUT | POST /api/api.php HTTP/1.1
Host: pcapp.store
Connection: keep-alive
Content-Length: 96
sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: */*
Origin: https://pcapp.store
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://pcapp.store/?p=lpd_installing_r2&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&_fcid=1731354202975821&_winver=19045&version=fa.1092c
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323; _gcl_au=1.1.1387167454.1731360324
2024-11-11 21:25:43 UTC | 96 | OUT | Data Raw: 7b 22 63 22 3a 22 66 72 6f 6e 74 2f 69 6e 73 74 61 6c 6c 69 6e 67 22 2c 22 61 22 3a 22 69 6e 73 74 61 6c 6c 53 74 61 74 75 73 22 2c 22 70 22 3a 7b 22 67 75 69 64 22 3a 22 32 45 44 39 32 37 34 32 2d 38 39 44 43 2d 44 44 37 32 2d 39 32 45 38 2d 38 36 39 46 41 35 41 36 36 34 39 33 22 7d 7d
Data Ascii: {"c":"front/installing","a":"installStatus","p":{"guid":"2ED92742-89DC-DD72-92E8-869FA5A66493"}}
2024-11-11 21:25:43 UTC | 551 | IN | HTTP/1.1 200 OK
Server: nginx
Date: Mon, 11 Nov 2024 21:25:43 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
Vary: Accept-Encoding
Access-Control-Allow-Origin: https://pcapp.store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:25:43 UTC | 44 | IN | Data Raw: 32 31 0d 0a 7b 22 73 74 61 74 65 22 3a 22 6f 6b 22 2c 22 72 65 73 75 6c 74 22 3a 22 6e 6f 20 69 6e 66 6f 22 7d 0d 0a 30 0d 0a 0d 0a
Data Ascii: 21{"state":"ok","result":"no info"}0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
56 | 192.168.2.5 | 49823 | 209.222.21.115 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:43 UTC | 543 | OUT | GET /api/api.php HTTP/1.1
Host: pcapp.store
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
Accept: */*
Sec-Fetch-Site: none
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323; _gcl_au=1.1.1387167454.1731360324
2024-11-11 21:25:44 UTC | 211 | IN | HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 11 Nov 2024 21:25:44 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
Vary: Accept-Encoding
2024-11-11 21:25:44 UTC | 5 | IN | Data Raw: 30 0d 0a 0d 0a
Data Ascii: 0


                                                                                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                    57192.168.2.549824167.99.235.203443612C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:48 UTC923OUTPOST /api/api.php HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    Content-Length: 96
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    Content-Type: application/json;charset=UTF-8
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Origin: https://pcapp.store
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                    Referer: https://pcapp.store/?p=lpd_installing_r2&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&_fcid=1731354202975821&_winver=19045&version=fa.1092c
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                    Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323; _gcl_au=1.1.1387167454.1731360324
                                                                                                                                                                                                                                                                                    2024-11-11 21:25:48 UTC96OUTData Raw: 7b 22 63 22 3a 22 66 72 6f 6e 74 2f 69 6e 73 74 61 6c 6c 69 6e 67 22 2c 22 61 22 3a 22 69 6e 73 74 61 6c 6c 53 74 61 74 75 73 22 2c 22 70 22 3a 7b 22 67 75 69 64 22 3a 22 32 45 44 39 32 37 34 32 2d 38 39 44 43 2d 44 44 37 32 2d 39 32 45 38 2d 38 36 39 46 41 35 41 36 36 34 39 33 22 7d 7d
                                                                                                                                                                                                                                                                                    Data Ascii: {"c":"front/installing","a":"installStatus","p":{"guid":"2ED92742-89DC-DD72-92E8-869FA5A66493"}}
2024-11-11 21:25:48 UTC | 551 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:48 GMT
                                                                                                                                                                                                                                                                                    Content-Type: application/json
                                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Origin: https://pcapp.store
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:25:48 UTC | 44 | IN | Data Raw: 32 31 0d 0a 7b 22 73 74 61 74 65 22 3a 22 6f 6b 22 2c 22 72 65 73 75 6c 74 22 3a 22 6e 6f 20 69 6e 66 6f 22 7d 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                    Data Ascii: 21{"state":"ok","result":"no info"}0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
58 | 192.168.2.5 | 49825 | 209.222.21.115 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:49 UTC | 543 | OUT | GET /api/api.php HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                    Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323; _gcl_au=1.1.1387167454.1731360324
2024-11-11 21:25:49 UTC | 211 | IN | HTTP/1.1 404 Not Found
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:49 GMT
                                                                                                                                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
2024-11-11 21:25:49 UTC | 5 | IN | Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                    Data Ascii: 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
59 | 192.168.2.5 | 49826 | 167.99.235.203 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:53 UTC | 923 | OUT | POST /api/api.php HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    Content-Length: 96
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    Content-Type: application/json;charset=UTF-8
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Origin: https://pcapp.store
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                    Referer: https://pcapp.store/?p=lpd_installing_r2&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&_fcid=1731354202975821&_winver=19045&version=fa.1092c
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                    Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323; _gcl_au=1.1.1387167454.1731360324
2024-11-11 21:25:53 UTC | 96 | OUT | Data Raw: 7b 22 63 22 3a 22 66 72 6f 6e 74 2f 69 6e 73 74 61 6c 6c 69 6e 67 22 2c 22 61 22 3a 22 69 6e 73 74 61 6c 6c 53 74 61 74 75 73 22 2c 22 70 22 3a 7b 22 67 75 69 64 22 3a 22 32 45 44 39 32 37 34 32 2d 38 39 44 43 2d 44 44 37 32 2d 39 32 45 38 2d 38 36 39 46 41 35 41 36 36 34 39 33 22 7d 7d
                                                                                                                                                                                                                                                                                    Data Ascii: {"c":"front/installing","a":"installStatus","p":{"guid":"2ED92742-89DC-DD72-92E8-869FA5A66493"}}
2024-11-11 21:25:53 UTC | 551 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:53 GMT
                                                                                                                                                                                                                                                                                    Content-Type: application/json
                                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Origin: https://pcapp.store
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:25:53 UTC | 44 | IN | Data Raw: 32 31 0d 0a 7b 22 73 74 61 74 65 22 3a 22 6f 6b 22 2c 22 72 65 73 75 6c 74 22 3a 22 6e 6f 20 69 6e 66 6f 22 7d 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                    Data Ascii: 21{"state":"ok","result":"no info"}0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
60 | 192.168.2.5 | 49827 | 209.222.21.115 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:53 UTC | 543 | OUT | GET /api/api.php HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                    Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323; _gcl_au=1.1.1387167454.1731360324
2024-11-11 21:25:53 UTC | 211 | IN | HTTP/1.1 404 Not Found
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:53 GMT
                                                                                                                                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
2024-11-11 21:25:53 UTC | 5 | IN | Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                    Data Ascii: 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
61 | 192.168.2.5 | 49828 | 167.99.235.203 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:58 UTC | 923 | OUT | POST /api/api.php HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    Content-Length: 96
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    Content-Type: application/json;charset=UTF-8
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Origin: https://pcapp.store
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                    Referer: https://pcapp.store/?p=lpd_installing_r2&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&_fcid=1731354202975821&_winver=19045&version=fa.1092c
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                    Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323; _gcl_au=1.1.1387167454.1731360324
2024-11-11 21:25:58 UTC | 96 | OUT | Data Raw: 7b 22 63 22 3a 22 66 72 6f 6e 74 2f 69 6e 73 74 61 6c 6c 69 6e 67 22 2c 22 61 22 3a 22 69 6e 73 74 61 6c 6c 53 74 61 74 75 73 22 2c 22 70 22 3a 7b 22 67 75 69 64 22 3a 22 32 45 44 39 32 37 34 32 2d 38 39 44 43 2d 44 44 37 32 2d 39 32 45 38 2d 38 36 39 46 41 35 41 36 36 34 39 33 22 7d 7d
                                                                                                                                                                                                                                                                                    Data Ascii: {"c":"front/installing","a":"installStatus","p":{"guid":"2ED92742-89DC-DD72-92E8-869FA5A66493"}}
2024-11-11 21:25:58 UTC | 551 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:58 GMT
                                                                                                                                                                                                                                                                                    Content-Type: application/json
                                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Origin: https://pcapp.store
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:25:58 UTC | 44 | IN | Data Raw: 32 31 0d 0a 7b 22 73 74 61 74 65 22 3a 22 6f 6b 22 2c 22 72 65 73 75 6c 74 22 3a 22 73 74 61 72 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                    Data Ascii: 21{"state":"ok","result":"started"}0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
62 | 192.168.2.5 | 49829 | 209.222.21.115 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:25:58 UTC | 543 | OUT | GET /api/api.php HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                    Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323; _gcl_au=1.1.1387167454.1731360324
2024-11-11 21:25:59 UTC | 211 | IN | HTTP/1.1 404 Not Found
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:25:58 GMT
                                                                                                                                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
2024-11-11 21:25:59 UTC | 5 | IN | Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                    Data Ascii: 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
63 | 192.168.2.5 | 57516 | 167.99.235.203 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:03 UTC | 923 | OUT | POST /api/api.php HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    Content-Length: 96
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    Content-Type: application/json;charset=UTF-8
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Origin: https://pcapp.store
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                    Referer: https://pcapp.store/?p=lpd_installing_r2&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&_fcid=1731354202975821&_winver=19045&version=fa.1092c
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                    Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323; _gcl_au=1.1.1387167454.1731360324
2024-11-11 21:26:03 UTC | 96 | OUT | Data Raw: 7b 22 63 22 3a 22 66 72 6f 6e 74 2f 69 6e 73 74 61 6c 6c 69 6e 67 22 2c 22 61 22 3a 22 69 6e 73 74 61 6c 6c 53 74 61 74 75 73 22 2c 22 70 22 3a 7b 22 67 75 69 64 22 3a 22 32 45 44 39 32 37 34 32 2d 38 39 44 43 2d 44 44 37 32 2d 39 32 45 38 2d 38 36 39 46 41 35 41 36 36 34 39 33 22 7d 7d
                                                                                                                                                                                                                                                                                    Data Ascii: {"c":"front/installing","a":"installStatus","p":{"guid":"2ED92742-89DC-DD72-92E8-869FA5A66493"}}
2024-11-11 21:26:03 UTC | 551 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:03 GMT
                                                                                                                                                                                                                                                                                    Content-Type: application/json
                                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Origin: https://pcapp.store
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:03 UTC | 44 | IN | Data Raw: 32 31 0d 0a 7b 22 73 74 61 74 65 22 3a 22 6f 6b 22 2c 22 72 65 73 75 6c 74 22 3a 22 73 74 61 72 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                    Data Ascii: 21{"state":"ok","result":"started"}0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
64 | 192.168.2.5 | 57518 | 209.222.21.115 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:03 UTC | 543 | OUT | GET /api/api.php HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                    Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323; _gcl_au=1.1.1387167454.1731360324
2024-11-11 21:26:03 UTC | 211 | IN | HTTP/1.1 404 Not Found
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:03 GMT
                                                                                                                                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
2024-11-11 21:26:03 UTC | 5 | IN | Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                    Data Ascii: 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
65 | 192.168.2.5 | 57519 | 167.99.235.203 | 443 | 7436 | C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:06 UTC | 255 | OUT | GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_installer&evt_action=localmac&addon[]=EC-F4-BB-57-0D-C9 HTTP/1.1
                                                                                                                                                                                                                                                                                    User-Agent: NSIS_Inetc (Mozilla)
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
2024-11-11 21:26:06 UTC | 302 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:06 GMT
                                                                                                                                                                                                                                                                                    Content-Type: image/gif
                                                                                                                                                                                                                                                                                    Content-Length: 42
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:06 UTC | 42 | IN | Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                    Data Ascii: GIF89a!,D;


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
66 | 192.168.2.5 | 57520 | 167.99.235.203 | 443 | 7436 | C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:07 UTC | 285 | OUT | POST /inst_cpg.php?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&src=pcapp_full HTTP/1.1
                                                                                                                                                                                                                                                                                    Filename: tempPOSTData
                                                                                                                                                                                                                                                                                    Content-Type: application/json
                                                                                                                                                                                                                                                                                    User-Agent: NSIS_Inetc (Mozilla)
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Content-Length: 2455
                                                                                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
2024-11-11 21:26:07 UTC | 2455 | OUT | Data Raw: 7b 22 73 79 73 74 65 6d 5f 73 74 61 74 73 22 3a 7b 22 6f 73 5f 6e 61 6d 65 22 3a 22 4d 69 63 72 6f 73 6f 66 74 2b 57 69 6e 64 6f 77 73 2b 31 30 2b 50 72 6f 22 2c 22 6f 73 5f 69 6e 73 74 61 6c 6c 64 61 74 65 22 3a 22 32 30 32 33 31 30 30 33 31 30 35 37 31 38 25 32 45 30 30 30 30 30 30 25 32 42 31 32 30 22 2c 22 6f 73 5f 70 72 6f 63 65 73 73 65 73 22 3a 22 31 31 30 22 2c 22 6f 73 5f 61 72 63 68 69 74 65 63 74 75 72 65 22 3a 22 36 34 2d 62 69 74 22 2c 22 6f 73 5f 76 69 72 74 6d 65 6d 22 3a 22 38 33 38 37 36 33 36 22 2c 22 6f 73 5f 6d 65 6d 22 3a 22 34 31 39 33 33 33 32 22 2c 22 63 70 75 5f 6e 61 6d 65 22 3a 22 49 6e 74 65 6c 25 32 38 52 25 32 39 2b 43 6f 72 65 25 32 38 54 4d 25 32 39 32 2b 43 50 55 2b 36 36 30 30 2b 25 34 30 2b 32 25 32 45 34 30 2b 47 48 7a
                                                                                                                                                                                                                                                                                    Data Ascii: {"system_stats":{"os_name":"Microsoft+Windows+10+Pro","os_installdate":"20231003105718%2E000000%2B120","os_processes":"110","os_architecture":"64-bit","os_virtmem":"8387636","os_mem":"4193332","cpu_name":"Intel%28R%29+Core%28TM%292+CPU+6600+%40+2%2E40+GHz
2024-11-11 21:26:08 UTC | 509 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:08 GMT
                                                                                                                                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:08 UTC | 84 | IN | Data Raw: 34 39 0d 0a 7b 22 63 70 67 22 3a 22 64 65 66 61 75 6c 74 22 2c 22 69 6e 73 74 5f 65 78 63 6c 22 3a 6e 75 6c 6c 2c 22 69 6e 73 74 5f 61 64 64 6f 6e 22 3a 6e 75 6c 6c 2c 22 69 6e 73 74 5f 61 64 76 61 6e 63 65 64 22 3a 6e 75 6c 6c 7d 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                    Data Ascii: 49{"cpg":"default","inst_excl":null,"inst_addon":null,"inst_advanced":null}0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
67 | 192.168.2.5 | 57521 | 167.99.235.203 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:08 UTC | 923 | OUT | POST /api/api.php HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    Content-Length: 96
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: */*
Origin: https://pcapp.store
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://pcapp.store/?p=lpd_installing_r2&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&_fcid=1731354202975821&_winver=19045&version=fa.1092c
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323; _gcl_au=1.1.1387167454.1731360324
2024-11-11 21:26:08 UTC | 96 | OUT | Data Raw: 7b 22 63 22 3a 22 66 72 6f 6e 74 2f 69 6e 73 74 61 6c 6c 69 6e 67 22 2c 22 61 22 3a 22 69 6e 73 74 61 6c 6c 53 74 61 74 75 73 22 2c 22 70 22 3a 7b 22 67 75 69 64 22 3a 22 32 45 44 39 32 37 34 32 2d 38 39 44 43 2d 44 44 37 32 2d 39 32 45 38 2d 38 36 39 46 41 35 41 36 36 34 39 33 22 7d 7d
Data Ascii: {"c":"front/installing","a":"installStatus","p":{"guid":"2ED92742-89DC-DD72-92E8-869FA5A66493"}}
2024-11-11 21:26:08 UTC | 551 | IN | HTTP/1.1 200 OK
Server: nginx
Date: Mon, 11 Nov 2024 21:26:08 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
Vary: Accept-Encoding
Access-Control-Allow-Origin: https://pcapp.store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:08 UTC | 44 | IN | Data Raw: 32 31 0d 0a 7b 22 73 74 61 74 65 22 3a 22 6f 6b 22 2c 22 72 65 73 75 6c 74 22 3a 22 73 74 61 72 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
Data Ascii: 21{"state":"ok","result":"started"}0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
68 | 192.168.2.5 | 57522 | 209.222.21.115 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:08 UTC | 543 | OUT | GET /api/api.php HTTP/1.1
Host: pcapp.store
Connection: keep-alive
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
Accept: */*
Sec-Fetch-Site: none
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323; _gcl_au=1.1.1387167454.1731360324
2024-11-11 21:26:08 UTC | 211 | IN | HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 11 Nov 2024 21:26:08 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
Vary: Accept-Encoding
2024-11-11 21:26:08 UTC | 5 | IN | Data Raw: 30 0d 0a 0d 0a
Data Ascii: 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
69 | 192.168.2.5 | 57523 | 167.99.235.203 | 443 | 7436 | C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:09 UTC | 238 | OUT | GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&inst_parent=&evt_src=fa_installer&evt_action=done HTTP/1.1
User-Agent: NSIS_Inetc (Mozilla)
Host: pcapp.store
Connection: Keep-Alive
Cache-Control: no-cache
2024-11-11 21:26:09 UTC | 302 | IN | HTTP/1.1 200 OK
Server: nginx
Date: Mon, 11 Nov 2024 21:26:09 GMT
Content-Type: image/gif
Content-Length: 42
Connection: close
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:09 UTC | 42 | IN | Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
Data Ascii: GIF89a!,D;


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
70 | 192.168.2.5 | 57525 | 167.99.235.203 | 443 | 7972 | C:\Users\user\PCAppStore\PcAppStore.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:09 UTC | 237 | OUT | GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_product&evt_action=channel&id=-3&eng_time=1731365729572&nocache=5630890 HTTP/1.1
Connection: Keep-Alive
User-Agent: WinHTTP 1.0
Host: pcapp.store
2024-11-11 21:26:09 UTC | 302 | IN | HTTP/1.1 200 OK
Server: nginx
Date: Mon, 11 Nov 2024 21:26:09 GMT
Content-Type: image/gif
Content-Length: 42
Connection: close
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:09 UTC | 42 | IN | Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
Data Ascii: GIF89a!,D;


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
71 | 192.168.2.5 | 57524 | 18.239.94.39 | 443 | 8004 | C:\Users\user\PCAppStore\Watchdog.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:09 UTC | 821 | OUT | GET /p.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=watch_dog&evt_action=signal_event&data={"counter":0,"rid":"20241111162608.285630578","isPCAppRunning":1,"isNWStoreRunning":0,"registryInfo":{"pcAppInAutostart":1},"filesystemInfo":{"uiFolderExists":1,"uiFilesCount":55,"nwjsFolderExists":1,"nwjsFilesCount":132,"AutoUpdaterExeExists":1,"PcAppStoreExeExists":1,"pcappstoreIcoExists":1,"UninstallerExeExists":1,"NW_storeExeExists":1,"startupFolderLnkExists":1}}&eng_time=1731365729&nocache=5461 HTTP/1.1
Accept: */*
UA-CPU: AMD64
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; Win64; x64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: d74queuslupub.cloudfront.net
Connection: Keep-Alive
2024-11-11 21:26:09 UTC | 479 | IN | HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 42
Connection: close
Last-Modified: Thu, 26 May 2022 12:48:19 GMT
x-amz-version-id: null
Accept-Ranges: bytes
Server: AmazonS3
Date: Mon, 11 Nov 2024 06:25:14 GMT
ETag: "d89746888da2d9510b64a9f031eaecd5"
X-Cache: Hit from cloudfront
                                                                                                                                                                                                                                                                                    Via: 1.1 ed52b6cbe30df623c9ae923641ddf518.cloudfront.net (CloudFront)
                                                                                                                                                                                                                                                                                    X-Amz-Cf-Pop: AMS1-P3
                                                                                                                                                                                                                                                                                    X-Amz-Cf-Id: wclNB-UjFpDg-7EGTa2M5fkG3G6kky_vfgvjsQYYVtHt01tygc_j6w==
                                                                                                                                                                                                                                                                                    Age: 54056
                                                                                                                                                                                                                                                                                    2024-11-11 21:26:09 UTC42INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                    Data Ascii: GIF89a!,D;


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
72 | 192.168.2.5 | 57526 | 4.175.87.197 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:10 UTC | 306 | OUT | GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=PlOGAW5Sm14mgv2&MD=U4rZXPB7 HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33
Host: slscr.update.microsoft.com
2024-11-11 21:26:11 UTC | 560 | IN | HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: application/octet-stream
Expires: -1
Last-Modified: Mon, 01 Jan 0001 00:00:00 GMT
ETag: "vic+p1MiJJ+/WMnK08jaWnCBGDfvkGRzPk9f8ZadQHg=_1440"
MS-CorrelationId: 1fa2af3f-dc6b-450e-869e-0a890de9aeeb
MS-RequestId: cc920c7d-9460-446d-8582-e3c0112298f3
MS-CV: /iRedFacH0WC/W9e.0
X-Microsoft-SLSClientCache: 1440
Content-Disposition: attachment; filename=environment.cab
X-Content-Type-Options: nosniff
Date: Mon, 11 Nov 2024 21:26:10 GMT
Connection: close
Content-Length: 30005


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
73 | 192.168.2.5 | 57527 | 167.99.235.203 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:13 UTC | 923 | OUT | POST /api/api.php HTTP/1.1
Host: pcapp.store
Connection: keep-alive
Content-Length: 96
sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: */*
Origin: https://pcapp.store
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://pcapp.store/?p=lpd_installing_r2&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&_fcid=1731354202975821&_winver=19045&version=fa.1092c
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323; _gcl_au=1.1.1387167454.1731360324
2024-11-11 21:26:13 UTC | 96 | OUT | Data Raw: 7b 22 63 22 3a 22 66 72 6f 6e 74 2f 69 6e 73 74 61 6c 6c 69 6e 67 22 2c 22 61 22 3a 22 69 6e 73 74 61 6c 6c 53 74 61 74 75 73 22 2c 22 70 22 3a 7b 22 67 75 69 64 22 3a 22 32 45 44 39 32 37 34 32 2d 38 39 44 43 2d 44 44 37 32 2d 39 32 45 38 2d 38 36 39 46 41 35 41 36 36 34 39 33 22 7d 7d
Data Ascii: {"c":"front/installing","a":"installStatus","p":{"guid":"2ED92742-89DC-DD72-92E8-869FA5A66493"}}
2024-11-11 21:26:13 UTC | 551 | IN | HTTP/1.1 200 OK
Server: nginx
Date: Mon, 11 Nov 2024 21:26:13 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
Vary: Accept-Encoding
Access-Control-Allow-Origin: https://pcapp.store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:13 UTC | 44 | IN | Data Raw: 32 31 0d 0a 7b 22 73 74 61 74 65 22 3a 22 6f 6b 22 2c 22 72 65 73 75 6c 74 22 3a 22 73 74 61 72 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
Data Ascii: 21{"state":"ok","result":"started"}0


                                                                                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                    74192.168.2.557528209.222.21.115443612C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                    2024-11-11 21:26:13 UTC543OUTGET /api/api.php HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                    Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323; _gcl_au=1.1.1387167454.1731360324
2024-11-11 21:26:13 UTC | 211 | IN | HTTP/1.1 404 Not Found
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:13 GMT
                                                                                                                                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
2024-11-11 21:26:13 UTC | 5 | IN | Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                    Data Ascii: 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
75 | 192.168.2.5 | 57529 | 167.99.235.203 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:18 UTC | 923 | OUT | POST /api/api.php HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    Content-Length: 96
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    Content-Type: application/json;charset=UTF-8
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Origin: https://pcapp.store
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                    Referer: https://pcapp.store/?p=lpd_installing_r2&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&_fcid=1731354202975821&_winver=19045&version=fa.1092c
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                    Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323; _gcl_au=1.1.1387167454.1731360324
2024-11-11 21:26:18 UTC | 96 | OUT | Data Raw: 7b 22 63 22 3a 22 66 72 6f 6e 74 2f 69 6e 73 74 61 6c 6c 69 6e 67 22 2c 22 61 22 3a 22 69 6e 73 74 61 6c 6c 53 74 61 74 75 73 22 2c 22 70 22 3a 7b 22 67 75 69 64 22 3a 22 32 45 44 39 32 37 34 32 2d 38 39 44 43 2d 44 44 37 32 2d 39 32 45 38 2d 38 36 39 46 41 35 41 36 36 34 39 33 22 7d 7d
                                                                                                                                                                                                                                                                                    Data Ascii: {"c":"front/installing","a":"installStatus","p":{"guid":"2ED92742-89DC-DD72-92E8-869FA5A66493"}}
2024-11-11 21:26:18 UTC | 551 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:18 GMT
                                                                                                                                                                                                                                                                                    Content-Type: application/json
                                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Origin: https://pcapp.store
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:18 UTC | 44 | IN | Data Raw: 32 31 0d 0a 7b 22 73 74 61 74 65 22 3a 22 6f 6b 22 2c 22 72 65 73 75 6c 74 22 3a 22 73 74 61 72 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                    Data Ascii: 21{"state":"ok","result":"started"}0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
76 | 192.168.2.5 | 57530 | 209.222.21.115 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:18 UTC | 543 | OUT | GET /api/api.php HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                    Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323; _gcl_au=1.1.1387167454.1731360324
2024-11-11 21:26:18 UTC | 211 | IN | HTTP/1.1 404 Not Found
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:18 GMT
                                                                                                                                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
2024-11-11 21:26:18 UTC | 5 | IN | Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                    Data Ascii: 0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
77 | 192.168.2.5 | 57532 | 167.99.235.203 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:23 UTC | 923 | OUT | POST /api/api.php HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    Content-Length: 96
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    Content-Type: application/json;charset=UTF-8
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Origin: https://pcapp.store
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                    Referer: https://pcapp.store/?p=lpd_installing_r2&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&_fcid=1731354202975821&_winver=19045&version=fa.1092c
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                    Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323; _gcl_au=1.1.1387167454.1731360324
2024-11-11 21:26:23 UTC | 96 | OUT | Data Raw: 7b 22 63 22 3a 22 66 72 6f 6e 74 2f 69 6e 73 74 61 6c 6c 69 6e 67 22 2c 22 61 22 3a 22 69 6e 73 74 61 6c 6c 53 74 61 74 75 73 22 2c 22 70 22 3a 7b 22 67 75 69 64 22 3a 22 32 45 44 39 32 37 34 32 2d 38 39 44 43 2d 44 44 37 32 2d 39 32 45 38 2d 38 36 39 46 41 35 41 36 36 34 39 33 22 7d 7d
                                                                                                                                                                                                                                                                                    Data Ascii: {"c":"front/installing","a":"installStatus","p":{"guid":"2ED92742-89DC-DD72-92E8-869FA5A66493"}}
2024-11-11 21:26:23 UTC | 551 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:23 GMT
                                                                                                                                                                                                                                                                                    Content-Type: application/json
                                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Origin: https://pcapp.store
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
                                                                                                                                                                                                                                                                                    2024-11-11 21:26:23 UTC44INData Raw: 32 31 0d 0a 7b 22 73 74 61 74 65 22 3a 22 6f 6b 22 2c 22 72 65 73 75 6c 74 22 3a 22 73 74 61 72 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                    Data Ascii: 21{"state":"ok","result":"started"}0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
78 | 192.168.2.5 | 57535 | 167.99.235.203 | 443 | 7972 | C:\Users\user\PCAppStore\PcAppStore.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:24 UTC | 263 | OUT | GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_product&evt_action=started&prnt=nsx2B3B.tmp&sys_lang=en-GB&eng_time=1731365743707&nocache=5645921 HTTP/1.1
Connection: Keep-Alive
User-Agent: WinHTTP 1.0
Host: pcapp.store
2024-11-11 21:26:24 UTC | 302 | IN | HTTP/1.1 200 OK
Server: nginx
Date: Mon, 11 Nov 2024 21:26:24 GMT
Content-Type: image/gif
Content-Length: 42
Connection: close
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:24 UTC | 42 | IN | Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
Data Ascii: GIF89a!,D;


Session ID | Source IP | Source Port | Destination IP | Destination Port
79 | 192.168.2.5 | 57538 | 104.248.126.225 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:26 UTC | 476 | OUT | GET /src/main_code_nw.js HTTP/1.1
Host: pcapp.store
Connection: keep-alive
sec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Accept-Encoding: gzip, deflate, br
Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-11-11 21:26:26 UTC | 363 | IN | HTTP/1.1 200 OK
Server: nginx
Date: Mon, 11 Nov 2024 21:26:26 GMT
Content-Type: application/javascript
Content-Length: 8013
Connection: close
Vary: Accept-Encoding
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:26 UTC | 8013 | IN | Data Raw: 76 61 72 20 6d 61 6b 65 50 6f 73 74 52 65 71 75 65 73 74 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 75 72 6c 2c 20 64 61 74 61 2c 20 63 61 6c 6c 62 61 63 6b 29 20 7b 0a 20 20 76 61 72 20 68 74 74 70 52 65 71 75 65 73 74 20 3d 20 6e 65 77 20 58 4d 4c 48 74 74 70 52 65 71 75 65 73 74 28 29 3b 0a 0a 20 20 69 66 20 28 21 68 74 74 70 52 65 71 75 65 73 74 29 20 7b 0a 20 20 20 20 63 6f 6e 73 6f 6c 65 2e 6c 6f 67 28 22 47 69 76 69 6e 67 20 75 70 20 3a 28 20 43 61 6e 6e 6f 74 20 63 72 65 61 74 65 20 61 6e 20 58 4d 4c 48 54 54 50 20 69 6e 73 74 61 6e 63 65 22 29 3b 0a 20 20 20 20 72 65 74 75 72 6e 20 66 61 6c 73 65 3b 0a 20 20 7d 0a 20 20 68 74 74 70 52 65 71 75 65 73 74 2e 6f 6e 72 65 61 64 79 73 74 61 74 65 63 68 61 6e 67 65 20 3d 20 66 75 6e 63 74 69 6f 6e 20 28 29
Data Ascii: var makePostRequest = function (url, data, callback) { var httpRequest = new XMLHttpRequest(); if (!httpRequest) { console.log("Giving up :( Cannot create an XMLHTTP instance"); return false; } httpRequest.onreadystatechange = function ()


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
80 | 192.168.2.5 | 57539 | 167.99.235.203 | 443 | 7972 | C:\Users\user\PCAppStore\PcAppStore.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:26 UTC | 285 | OUT | GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_product&evt_action=message_sending_error&eM=unknown%20recipient%3A%20menu_search&eng_time=1731365743727&nocache=5647718 HTTP/1.1
Connection: Keep-Alive
User-Agent: WinHTTP 1.0
Host: pcapp.store
2024-11-11 21:26:26 UTC | 302 | IN | HTTP/1.1 200 OK
Server: nginx
Date: Mon, 11 Nov 2024 21:26:26 GMT
Content-Type: image/gif
Content-Length: 42
Connection: close
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:26 UTC | 42 | IN | Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
Data Ascii: GIF89a!,D;


Session ID | Source IP | Source Port | Destination IP | Destination Port
81 | 192.168.2.5 | 57540 | 104.248.126.225 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:26 UTC | 476 | OUT | GET /src/main_code_nw.js HTTP/1.1
Host: pcapp.store
Connection: keep-alive
sec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Accept-Encoding: gzip, deflate, br
Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-11-11 21:26:27 UTC | 363 | IN | HTTP/1.1 200 OK
Server: nginx
Date: Mon, 11 Nov 2024 21:26:27 GMT
Content-Type: application/javascript
Content-Length: 8013
Connection: close
Vary: Accept-Encoding
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:27 UTC | 8013 | IN | Data Ascii: var makePostRequest = function (url, data, callback) { var httpRequest = new XMLHttpRequest(); if (!httpRequest) { console.log("Giving up :( Cannot create an XMLHTTP instance"); return false; } httpRequest.onreadystatechange = function ()


Session ID | Source IP | Source Port | Destination IP | Destination Port
82 | 192.168.2.5 | 57541 | 104.248.126.225 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:27 UTC | 722 | OUT | GET /pixel.gif?evt_src=web&evt_action=new_fcid&ncrd=1731360386038&user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/122.0.0.0%20Safari/537.36 HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-11-11 21:26:27 UTC | 302 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:27 GMT
                                                                                                                                                                                                                                                                                    Content-Type: image/gif
                                                                                                                                                                                                                                                                                    Content-Length: 42
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:27 UTC | 42 | IN | Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                    Data Ascii: GIF89a!,D;


Session ID | Source IP | Source Port | Destination IP | Destination Port
83 | 192.168.2.5 | 57542 | 167.99.235.203 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:27 UTC | 234 | OUT | GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_auto_updater&evt_action=start&&eng_time=1731360386471&nocache=287765 HTTP/1.1
                                                                                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                                                                                    User-Agent: WinHTTP 1.0
                                                                                                                                                                                                                                                                                    Host: pcapp.store
2024-11-11 21:26:27 UTC | 302 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:27 GMT
                                                                                                                                                                                                                                                                                    Content-Type: image/gif
                                                                                                                                                                                                                                                                                    Content-Length: 42
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:27 UTC | 42 | IN | Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                    Data Ascii: GIF89a!,D;


Session ID | Source IP | Source Port | Destination IP | Destination Port
84 | 192.168.2.5 | 57543 | 104.248.126.225 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:28 UTC | 476 | OUT | GET /src/main_code_nw.js HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-11-11 21:26:28 UTC | 363 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:28 GMT
                                                                                                                                                                                                                                                                                    Content-Type: application/javascript
                                                                                                                                                                                                                                                                                    Content-Length: 8013
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:28 UTC | 8013 | IN | Data Ascii: var makePostRequest = function (url, data, callback) { var httpRequest = new XMLHttpRequest(); if (!httpRequest) { console.log("Giving up :( Cannot create an XMLHTTP instance"); return false; } httpRequest.onreadystatechange = function ()


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
85 | 192.168.2.5 | 57544 | 167.99.235.203 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:28 UTC | 923 | OUT | POST /api/api.php HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    Content-Length: 96
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    Content-Type: application/json;charset=UTF-8
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Origin: https://pcapp.store
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: same-origin
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                    Referer: https://pcapp.store/?p=lpd_installing_r2&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&_fcid=1731354202975821&_winver=19045&version=fa.1092c
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                    Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323; _gcl_au=1.1.1387167454.1731360324
2024-11-11 21:26:28 UTC | 96 | OUT | Data Raw: 7b 22 63 22 3a 22 66 72 6f 6e 74 2f 69 6e 73 74 61 6c 6c 69 6e 67 22 2c 22 61 22 3a 22 69 6e 73 74 61 6c 6c 53 74 61 74 75 73 22 2c 22 70 22 3a 7b 22 67 75 69 64 22 3a 22 32 45 44 39 32 37 34 32 2d 38 39 44 43 2d 44 44 37 32 2d 39 32 45 38 2d 38 36 39 46 41 35 41 36 36 34 39 33 22 7d 7d
                                                                                                                                                                                                                                                                                    Data Ascii: {"c":"front/installing","a":"installStatus","p":{"guid":"2ED92742-89DC-DD72-92E8-869FA5A66493"}}
2024-11-11 21:26:28 UTC | 551 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:28 GMT
                                                                                                                                                                                                                                                                                    Content-Type: application/json
                                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Origin: https://pcapp.store
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:28 UTC | 44 | IN | Data Raw: 32 31 0d 0a 7b 22 73 74 61 74 65 22 3a 22 6f 6b 22 2c 22 72 65 73 75 6c 74 22 3a 22 73 74 61 72 74 65 64 22 7d 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                    Data Ascii: 21{"state":"ok","result":"started"}0


Session ID | Source IP | Source Port | Destination IP | Destination Port
86 | 192.168.2.5 | 57545 | 167.99.235.203 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:28 UTC | 376 | OUT | GET /fa_version.php?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&end_v=fa.1092c&nocache=288906 HTTP/1.1
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    UA-CPU: AMD64
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; Win64; x64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: Keep-Alive
2024-11-11 21:26:28 UTC | 509 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:28 GMT
                                                                                                                                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:28 UTC | 18 | IN | Data Raw: 38 0d 0a 66 61 2e 31 30 35 39 6f 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                    Data Ascii: 8fa.1059o0


Session ID | Source IP | Source Port | Destination IP | Destination Port
87 | 192.168.2.5 | 57546 | 104.248.126.225 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:28 UTC | 476 | OUT | GET /src/main_code_nw.js HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-11-11 21:26:29 UTC | 363 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:29 GMT
                                                                                                                                                                                                                                                                                    Content-Type: application/javascript
                                                                                                                                                                                                                                                                                    Content-Length: 8013
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:29 UTC | 8013 | IN | Data Ascii: var makePostRequest = function (url, data, callback) { var httpRequest = new XMLHttpRequest(); if (!httpRequest) { console.log("Giving up :( Cannot create an XMLHTTP instance"); return false; } httpRequest.onreadystatechange = function ()


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
88 | 192.168.2.5 | 57547 | 209.222.21.115 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:29 UTC | 543 | OUT | GET /api/api.php HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                    Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323; _gcl_au=1.1.1387167454.1731360324
2024-11-11 21:26:29 UTC | 211 | IN | HTTP/1.1 404 Not Found
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:29 GMT
                                                                                                                                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
2024-11-11 21:26:29 UTC | 5 | IN | Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                    Data Ascii: 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
89 | 192.168.2.5 | 57548 | 167.99.235.203 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:29 UTC | 232 | OUT | GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_auto_updater&evt_action=end&&eng_time=1731360388365&nocache=289640 HTTP/1.1
                                                                                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                                                                                    User-Agent: WinHTTP 1.0
                                                                                                                                                                                                                                                                                    Host: pcapp.store
2024-11-11 21:26:29 UTC | 302 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:29 GMT
                                                                                                                                                                                                                                                                                    Content-Type: image/gif
                                                                                                                                                                                                                                                                                    Content-Length: 42
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:29 UTC | 42 | IN | Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                    Data Ascii: GIF89a!,D;


Session ID | Source IP | Source Port | Destination IP | Destination Port
90 | 192.168.2.5 | 57549 | 104.248.126.225 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:29 UTC | 476 | OUT | GET /src/main_code_nw.js HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-11-11 21:26:29 UTC | 363 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:29 GMT
                                                                                                                                                                                                                                                                                    Content-Type: application/javascript
                                                                                                                                                                                                                                                                                    Content-Length: 8013
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:29 UTC | 8013 | IN | Data Ascii: var makePostRequest = function (url, data, callback) { var httpRequest = new XMLHttpRequest(); if (!httpRequest) { console.log("Giving up :( Cannot create an XMLHTTP instance"); return false; } httpRequest.onreadystatechange = function ()


Session ID | Source IP | Source Port | Destination IP | Destination Port
91 | 192.168.2.5 | 57550 | 172.64.41.3 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:30 UTC | 245 | OUT | POST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    Content-Length: 128
                                                                                                                                                                                                                                                                                    Accept: application/dns-message
                                                                                                                                                                                                                                                                                    Accept-Language: *
                                                                                                                                                                                                                                                                                    User-Agent: Chrome
                                                                                                                                                                                                                                                                                    Accept-Encoding: identity
                                                                                                                                                                                                                                                                                    Content-Type: application/dns-message
2024-11-11 21:26:30 UTC | 128 | OUT | Data Ascii: wwwgstaticcom)TP
2024-11-11 21:26:30 UTC | 247 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: cloudflare
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:30 GMT
                                                                                                                                                                                                                                                                                    Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                    Content-Length: 468
                                                                                                                                                                                                                                                                                    CF-RAY: 8e115c6619ea4239-EWR
                                                                                                                                                                                                                                                                                    alt-svc: h3=":443"; ma=86400
2024-11-11 21:26:30 UTC | 468 | IN | Data Ascii: wwwgstaticcomPc)


Session ID | Source IP | Source Port | Destination IP | Destination Port
92 | 192.168.2.5 | 57552 | 104.248.126.225 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:30 UTC | 476 | OUT | GET /src/main_code_nw.js HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-11-11 21:26:30 UTC | 363 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:30 GMT
                                                                                                                                                                                                                                                                                    Content-Type: application/javascript
                                                                                                                                                                                                                                                                                    Content-Length: 8013
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:30 UTC | 8013 | IN | Data Ascii: var makePostRequest = function (url, data, callback) { var httpRequest = new XMLHttpRequest(); if (!httpRequest) { console.log("Giving up :( Cannot create an XMLHTTP instance"); return false; } httpRequest.onreadystatechange = function ()


Session ID | Source IP | Source Port | Destination IP | Destination Port
93 | 192.168.2.5 | 57553 | 104.248.126.225 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:31 UTC | 476 | OUT | GET /src/main_code_nw.js HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-11-11 21:26:31 UTC | 363 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:31 GMT
                                                                                                                                                                                                                                                                                    Content-Type: application/javascript
                                                                                                                                                                                                                                                                                    Content-Length: 8013
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:31 UTC | 8013 | IN | Data Ascii: var makePostRequest = function (url, data, callback) { var httpRequest = new XMLHttpRequest(); if (!httpRequest) { console.log("Giving up :( Cannot create an XMLHTTP instance"); return false; } httpRequest.onreadystatechange = function ()


Session ID | Source IP | Source Port | Destination IP | Destination Port
94 | 192.168.2.5 | 57554 | 104.248.126.225 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:32 UTC | 476 | OUT | GET /src/main_code_nw.js HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: script
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-11-11 21:26:32 UTC | 363 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:32 GMT
                                                                                                                                                                                                                                                                                    Content-Type: application/javascript
                                                                                                                                                                                                                                                                                    Content-Length: 8013
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:32 UTC | 8013 | IN | Data Ascii: var makePostRequest = function (url, data, callback) { var httpRequest = new XMLHttpRequest(); if (!httpRequest) { console.log("Giving up :( Cannot create an XMLHTTP instance"); return false; } httpRequest.onreadystatechange = function ()


Session ID | Source IP | Source Port | Destination IP | Destination Port
95 | 192.168.2.5 | 57556 | 104.248.126.225 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:33 UTC | 616 | OUT | GET /appstore-taskbar/?a=notificationsTab&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&nocache=1731360391966 HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    Content-Type: application/json;charset=UTF-8
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-11-11 21:26:33 UTC | 509 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:33 GMT
                                                                                                                                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
                                                                                                                                                                                                                                                                                    2024-11-11 21:26:33 UTC49INData Raw: 32 36 0d 0a 7b 22 73 74 61 74 65 22 3a 22 6f 6b 22 2c 22 72 65 73 75 6c 74 22 3a 7b 22 69 6e 69 74 22 3a 66 61 6c 73 65 7d 7d 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                    Data Ascii: 26{"state":"ok","result":{"init":false}}0


Session ID  Source IP  Source Port  Destination IP  Destination Port
96  192.168.2.5  57560  104.248.126.225  443
Timestamp  Bytes transferred  Direction  Data
2024-11-11 21:26:33 UTC  603  OUT  GET /appstore-topbar/?a=init&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&nocache=1731360391973 HTTP/1.1
Host: pcapp.store
Connection: keep-alive
sec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: */*
Sec-Fetch-Site: none
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Accept-Encoding: gzip, deflate, br
Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-11-11 21:26:33 UTC  509  IN  HTTP/1.1 200 OK
Server: nginx
Date: Mon, 11 Nov 2024 21:26:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:33 UTC  49  IN  Data Raw: 32 36 0d 0a 7b 22 73 74 61 74 65 22 3a 22 6f 6b 22 2c 22 72 65 73 75 6c 74 22 3a 7b 22 69 6e 69 74 22 3a 66 61 6c 73 65 7d 7d 0d 0a 30 0d 0a 0d 0a
Data Ascii: 26{"state":"ok","result":{"init":false}}0


Session ID  Source IP  Source Port  Destination IP  Destination Port
97  192.168.2.5  57555  104.248.126.225  443
Timestamp  Bytes transferred  Direction  Data
2024-11-11 21:26:33 UTC  596  OUT  GET /appstore-widget/?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&nocache=1731360391976 HTTP/1.1
Host: pcapp.store
Connection: keep-alive
sec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: */*
Sec-Fetch-Site: none
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Accept-Encoding: gzip, deflate, br
Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-11-11 21:26:33 UTC  509  IN  HTTP/1.1 200 OK
Server: nginx
Date: Mon, 11 Nov 2024 21:26:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:33 UTC  59  IN  Data Raw: 33 30 0d 0a 7b 22 73 74 61 74 65 22 3a 22 6f 6b 22 2c 22 72 65 73 75 6c 74 22 3a 7b 22 73 68 6f 77 22 3a 66 61 6c 73 65 2c 22 68 74 6d 6c 22 3a 22 22 7d 7d 0d 0a 30 0d 0a 0d 0a
Data Ascii: 30{"state":"ok","result":{"show":false,"html":""}}0


                                                                                                                                                                                                                                                                                    Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                    98192.168.2.557559104.248.126.225443
                                                                                                                                                                                                                                                                                    TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                    2024-11-11 21:26:33 UTC626OUTGET /search-menu/?a=getTemplate&version=fa.1092c&p[tmplType]=search&p[guid]=2ED92742-89DC-DD72-92E8-869FA5A66493&p[version]=fa.1092c HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    Content-Type: application/json;charset=UTF-8
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
                                                                                                                                                                                                                                                                                    2024-11-11 21:26:33 UTC501INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:33 GMT
                                                                                                                                                                                                                                                                                    Content-Type: application/json
                                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0


Session ID    Source IP      Source Port    Destination IP     Destination Port
99            192.168.2.5    57557          104.248.126.225    443
Timestamp                  Bytes transferred    Direction    Data
2024-11-11 21:26:33 UTC    624                  OUT          GET /search-menu/?a=getTemplate&version=fa.1092c&p[tmplType]=menu&p[guid]=2ED92742-89DC-DD72-92E8-869FA5A66493&p[version]=fa.1092c HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    Content-Type: application/json;charset=UTF-8
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-11-11 21:26:33 UTC    501                  IN           HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:33 GMT
                                                                                                                                                                                                                                                                                    Content-Type: application/json
                                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
                                                                                                                                                                                                                                                                                    2024-11-11 21:26:33 UTC16384INData Raw: 65 72 2d 73 6c 69 64 65 7b 73 63 72 6f 6c 6c 2d 73 6e 61 70 2d 61 6c 69 67 6e 3a 6e 6f 6e 65 7d 2e 73 77 69 70 65 72 2d 63 73 73 2d 6d 6f 64 65 2e 73 77 69 70 65 72 2d 63 65 6e 74 65 72 65 64 3e 2e 73 77 69 70 65 72 2d 77 72 61 70 70 65 72 3a 3a 62 65 66 6f 72 65 7b 63 6f 6e 74 65 6e 74 3a 5c 22 5c 22 3b 2d 6d 73 2d 66 6c 65 78 2d 6e 65 67 61 74 69 76 65 3a 30 3b 66 6c 65 78 2d 73 68 72 69 6e 6b 3a 30 3b 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 6f 72 64 69 6e 61 6c 2d 67 72 6f 75 70 3a 31 30 30 30 30 3b 2d 6d 73 2d 66 6c 65 78 2d 6f 72 64 65 72 3a 39 39 39 39 3b 6f 72 64 65 72 3a 39 39 39 39 7d 2e 73 77 69 70 65 72 2d 63 73 73 2d 6d 6f 64 65 2e 73 77 69 70 65 72 2d 63 65 6e 74 65 72 65 64 3e 2e 73 77 69 70 65 72 2d 77 72 61 70 70 65 72 3e 2e 73 77 69 70 65 72
                                                                                                                                                                                                                                                                                    Data Ascii: er-slide{scroll-snap-align:none}.swiper-css-mode.swiper-centered>.swiper-wrapper::before{content:\"\";-ms-flex-negative:0;flex-shrink:0;-webkit-box-ordinal-group:10000;-ms-flex-order:9999;order:9999}.swiper-css-mode.swiper-centered>.swiper-wrapper>.swiper
                                                                                                                                                                                                                                                                                    2024-11-11 21:26:33 UTC16384INData Raw: 74 69 76 65 20 2e 73 77 69 70 65 72 2d 73 6c 69 64 65 2d 61 63 74 69 76 65 7b 70 6f 69 6e 74 65 72 2d 65 76 65 6e 74 73 3a 61 75 74 6f 7d 2e 73 77 69 70 65 72 2d 66 6c 69 70 20 2e 73 77 69 70 65 72 2d 73 6c 69 64 65 2d 73 68 61 64 6f 77 2d 66 6c 69 70 2e 73 77 69 70 65 72 2d 73 6c 69 64 65 2d 73 68 61 64 6f 77 2d 74 6f 70 2c 2e 73 77 69 70 65 72 2d 66 6c 69 70 20 2e 73 77 69 70 65 72 2d 73 6c 69 64 65 2d 73 68 61 64 6f 77 2d 66 6c 69 70 2e 73 77 69 70 65 72 2d 73 6c 69 64 65 2d 73 68 61 64 6f 77 2d 62 6f 74 74 6f 6d 2c 2e 73 77 69 70 65 72 2d 66 6c 69 70 20 2e 73 77 69 70 65 72 2d 73 6c 69 64 65 2d 73 68 61 64 6f 77 2d 66 6c 69 70 2e 73 77 69 70 65 72 2d 73 6c 69 64 65 2d 73 68 61 64 6f 77 2d 0d 0a 32 30 30 30 0d 0a 6c 65 66 74 2c 2e 73 77 69 70 65 72 2d
                                                                                                                                                                                                                                                                                    Data Ascii: tive .swiper-slide-active{pointer-events:auto}.swiper-flip .swiper-slide-shadow-flip.swiper-slide-shadow-top,.swiper-flip .swiper-slide-shadow-flip.swiper-slide-shadow-bottom,.swiper-flip .swiper-slide-shadow-flip.swiper-slide-shadow-2000left,.swiper-
                                                                                                                                                                                                                                                                                    2024-11-11 21:26:33 UTC16384INData Raw: 34 25 2c 20 2d 35 30 25 29 20 72 6f 74 61 74 65 28 34 35 64 65 67 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 28 2d 32 34 25 2c 20 2d 35 30 25 29 20 72 6f 74 61 74 65 28 34 35 64 65 67 29 7d 2e 75 70 2d 61 72 72 6f 77 2d 62 75 74 74 6f 6e 3a 61 66 74 65 72 7b 2d 77 65 62 6b 69 74 2d 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 28 2d 37 35 25 2c 20 2d 35 30 25 29 20 72 6f 74 61 74 65 28 2d 34 35 64 65 67 29 3b 74 72 61 6e 73 66 6f 72 6d 3a 74 72 61 6e 73 6c 61 74 65 28 2d 37 35 25 2c 20 2d 35 30 25 29 20 72 6f 74 61 74 65 28 2d 34 35 64 65 67 29 7d 2e 75 70 2d 61 72 72 6f 77 2d 62 75 74 74 6f 6e 3a 68 6f 76 65 72 7b 62 61 63 6b 67 72 6f 75 6e 64 2d 63 6f 6c 6f 72 3a 23 31 61 38 36 66 32 7d 2e 75 70 2d 61 72 72 0d 0a 32 30 30
                                                                                                                                                                                                                                                                                    Data Ascii: 4%, -50%) rotate(45deg);transform:translate(-24%, -50%) rotate(45deg)}.up-arrow-button:after{-webkit-transform:translate(-75%, -50%) rotate(-45deg);transform:translate(-75%, -50%) rotate(-45deg)}.up-arrow-button:hover{background-color:#1a86f2}.up-arr200
                                                                                                                                                                                                                                                                                    2024-11-11 21:26:33 UTC16384INData Raw: 61 6c 3b 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 64 69 72 65 63 74 69 6f 6e 3a 6e 6f 72 6d 61 6c 3b 2d 6d 73 2d 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 63 6f 6c 75 6d 6e 3b 66 6c 65 78 2d 64 69 72 65 63 74 69 6f 6e 3a 63 6f 6c 75 6d 6e 3b 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 70 61 63 6b 3a 6a 75 73 74 69 66 79 3b 2d 6d 73 2d 66 6c 65 78 2d 70 61 63 6b 3a 6a 75 73 74 69 66 79 3b 6a 75 73 74 69 66 79 2d 63 6f 6e 74 65 6e 74 3a 73 70 61 63 65 2d 62 65 74 77 65 65 6e 3b 67 61 70 3a 31 31 70 78 3b 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 66 6c 65 78 3a 30 3b 2d 6d 73 2d 66 6c 65 78 2d 70 6f 73 69 74 69 76 65 3a 30 3b 66 6c 65 78 2d 67 72 6f 77 3a 30 7d 2e 77 69 64 67 65 74 2d 73 65 74 74 69 6e 67 73 20 2e 73 65 74 74 69 6e 67 73 2d 69 74 65 6d 5f 5f 69 63 6f 6e 20
                                                                                                                                                                                                                                                                                    Data Ascii: al;-webkit-box-direction:normal;-ms-flex-direction:column;flex-direction:column;-webkit-box-pack:justify;-ms-flex-pack:justify;justify-content:space-between;gap:11px;-webkit-box-flex:0;-ms-flex-positive:0;flex-grow:0}.widget-settings .settings-item__icon
                                                                                                                                                                                                                                                                                    2024-11-11 21:26:33 UTC16384INData Raw: 73 20 65 61 73 65 2d 69 6e 2d 6f 75 74 3b 2d 6f 2d 6f 62 6a 65 63 74 2d 66 69 74 3a 63 6f 6e 74 61 69 6e 3b 6f 62 6a 65 63 74 2d 66 69 74 3a 63 6f 6e 74 61 69 6e 7d 2e 69 6d 67 2d 73 6c 69 64 65 72 5f 5f 63 6c 6f 73 65 2d 62 74 6e 7b 63 75 72 73 6f 72 3a 70 6f 69 6e 74 65 72 3b 70 6f 73 69 74 69 6f 6e 3a 66 69 78 65 64 3b 74 6f 70 3a 33 36 70 78 3b 72 69 67 68 74 3a 35 36 70 78 3b 77 69 64 74 68 3a 34 30 70 78 3b 68 65 69 67 68 74 3a 34 30 70 78 3b 64 69 73 70 6c 61 79 3a 2d 77 65 62 6b 69 74 2d 62 6f 78 3b 64 69 73 70 6c 61 79 3a 2d 6d 73 2d 66 6c 65 78 62 6f 78 3b 64 69 73 70 6c 61 79 3a 66 6c 65 78 3b 2d 77 65 62 6b 69 74 2d 62 6f 78 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 2d 6d 73 2d 66 6c 65 78 2d 61 6c 69 67 6e 3a 63 65 6e 74 65 72 3b 61 6c 69 67
                                                                                                                                                                                                                                                                                    Data Ascii: s ease-in-out;-o-object-fit:contain;object-fit:contain}.img-slider__close-btn{cursor:pointer;position:fixed;top:36px;right:56px;width:40px;height:40px;display:-webkit-box;display:-ms-flexbox;display:flex;-webkit-box-align:center;-ms-flex-align:center;alig


Session ID | Source IP | Source Port | Destination IP | Destination Port
100 | 192.168.2.5 | 57558 | 104.248.126.225 | 443

Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:33 UTC | 594 | OUT | GET /appstore-menu/?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&nocache=1731360391981 HTTP/1.1
Host: pcapp.store
Connection: keep-alive
sec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: */*
Sec-Fetch-Site: none
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Accept-Encoding: gzip, deflate, br
Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-11-11 21:26:33 UTC | 611 | IN | HTTP/1.1 200 OK
Server: nginx
Date: Mon, 11 Nov 2024 21:26:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
Vary: Accept-Encoding
Set-Cookie: finishInstallInApp=done; expires=Tue, 11-Nov-2025 21:26:33 GMT; Max-Age=31536000; path=/
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
                                                                                                                                                                                                                                                                                    2024-11-11 21:26:33 UTC16384INData Raw: 20 7b 5c 6e 20 20 20 20 20 20 66 6f 72 20 28 76 61 72 20 61 2c 20 6e 2c 20 69 20 3d 20 6e 65 77 20 4d 61 70 28 29 2c 20 73 20 3d 20 6e 65 77 20 4d 61 70 28 29 2c 20 6f 20 3d 20 30 3b 20 6f 20 3c 20 72 2e 6c 65 6e 67 74 68 3b 20 6f 2b 2b 29 20 7b 5c 6e 20 20 20 20 20 20 20 20 76 61 72 20 63 20 3d 20 72 5b 6f 5d 3b 5c 6e 20 20 20 20 20 20 20 20 69 66 20 28 41 72 72 61 79 2e 69 73 41 72 72 61 79 28 63 29 29 20 7b 5c 6e 20 20 20 20 20 20 20 20 20 20 76 61 72 20 6c 2c 5c 6e 20 20 20 20 20 20 20 20 20 20 20 20 75 2c 5c 6e 20 20 20 20 20 20 20 20 20 20 20 20 66 20 3d 20 63 5b 31 5d 2c 5c 6e 20 20 20 20 20 20 20 20 20 20 20 20 70 20 3d 20 63 5b 32 5d 2c 5c 6e 20 20 20 20 20 20 20 20 20 20 20 20 64 20 3d 20 63 2e 6c 65 6e 67 74 68 20 3e 20 33 2c 5c 6e 20 20 20 20
                                                                                                                                                                                                                                                                                    Data Ascii: {\n for (var a, n, i = new Map(), s = new Map(), o = 0; o < r.length; o++) {\n var c = r[o];\n if (Array.isArray(c)) {\n var l,\n u,\n f = c[1],\n p = c[2],\n d = c.length > 3,\n


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
101 | 192.168.2.5 | 57561 | 167.99.235.203 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:33 UTC | 923 | OUT | POST /api/api.php HTTP/1.1
Host: pcapp.store
Connection: keep-alive
Content-Length: 96
sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: */*
Origin: https://pcapp.store
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Referer: https://pcapp.store/?p=lpd_installing_r2&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&_fcid=1731354202975821&_winver=19045&version=fa.1092c
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323; _gcl_au=1.1.1387167454.1731360324
2024-11-11 21:26:33 UTC | 96 | OUT | Data Raw: 7b 22 63 22 3a 22 66 72 6f 6e 74 2f 69 6e 73 74 61 6c 6c 69 6e 67 22 2c 22 61 22 3a 22 69 6e 73 74 61 6c 6c 53 74 61 74 75 73 22 2c 22 70 22 3a 7b 22 67 75 69 64 22 3a 22 32 45 44 39 32 37 34 32 2d 38 39 44 43 2d 44 44 37 32 2d 39 32 45 38 2d 38 36 39 46 41 35 41 36 36 34 39 33 22 7d 7d
Data Ascii: {"c":"front/installing","a":"installStatus","p":{"guid":"2ED92742-89DC-DD72-92E8-869FA5A66493"}}
2024-11-11 21:26:33 UTC | 551 | IN | HTTP/1.1 200 OK
Server: nginx
Date: Mon, 11 Nov 2024 21:26:33 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
Vary: Accept-Encoding
Access-Control-Allow-Origin: https://pcapp.store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:33 UTC | 41 | IN | Data Raw: 31 65 0d 0a 7b 22 73 74 61 74 65 22 3a 22 6f 6b 22 2c 22 72 65 73 75 6c 74 22 3a 22 64 6f 6e 65 22 7d 0d 0a 30 0d 0a 0d 0a
Data Ascii: 1e{"state":"ok","result":"done"}0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
102 | 192.168.2.5 | 57562 | 167.99.235.203 | 443 | 7972 | C:\Users\user\PCAppStore\PcAppStore.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:33 UTC | 240 | OUT | GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_product&evt_action=windows_created&&eng_time=1731365753179&nocache=5654812 HTTP/1.1
Connection: Keep-Alive
User-Agent: WinHTTP 1.0
Host: pcapp.store
2024-11-11 21:26:33 UTC | 302 | IN | HTTP/1.1 200 OK
Server: nginx
Date: Mon, 11 Nov 2024 21:26:33 GMT
Content-Type: image/gif
Content-Length: 42
Connection: close
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:33 UTC | 42 | IN | Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
Data Ascii: GIF89a!,D;


Session ID | Source IP | Source Port | Destination IP | Destination Port
103 | 192.168.2.5 | 57564 | 104.248.126.225 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:33 UTC | 663 | OUT | GET /api/api.php?c=front&a=getAttrUserData&p[guid]=2ED92742-89DC-DD72-92E8-869FA5A66493&p[fields][]=fullname&p[fields][]=email&p[fields][]=firstname&p[fields][]=lastname HTTP/1.1
Host: pcapp.store
Connection: keep-alive
sec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: */*
Sec-Fetch-Site: none
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Accept-Encoding: gzip, deflate, br
Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-11-11 21:26:33 UTC | 501 | IN | HTTP/1.1 200 OK
Server: nginx
Date: Mon, 11 Nov 2024 21:26:33 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:33 UTC | 127 | IN | Data Raw: 37 34 0d 0a 7b 22 73 74 61 74 65 22 3a 22 6f 6b 22 2c 22 72 65 73 75 6c 74 22 3a 7b 22 66 75 6c 6c 6e 61 6d 65 22 3a 22 22 2c 22 65 6d 61 69 6c 22 3a 22 22 2c 22 66 69 72 73 74 6e 61 6d 65 22 3a 22 22 2c 22 6c 61 73 74 6e 61 6d 65 22 3a 22 22 2c 22 63 6c 69 65 6e 74 69 64 22 3a 22 22 2c 22 70 72 6f 66 69 6c 65 5f 74 79 70 65 22 3a 22 62 61 73 69 63 22 7d 7d 0d 0a 30 0d 0a 0d 0a
Data Ascii: 74{"state":"ok","result":{"fullname":"","email":"","firstname":"","lastname":"","clientid":"","profile_type":"basic"}}0


Session ID | Source IP | Source Port | Destination IP | Destination Port
104 | 192.168.2.5 | 57565 | 104.248.126.225 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:33 UTC | 556 | OUT | GET /guid_is_dev.php?guid=2ED92742-89DC-DD72-92E8-869FA5A66493 HTTP/1.1
Host: pcapp.store
Connection: keep-alive
sec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
Content-Type: application/json;charset=UTF-8
Accept: */*
Sec-Fetch-Site: none
Sec-Fetch-Mode: cors
Sec-Fetch-Dest: empty
Accept-Encoding: gzip, deflate, br
Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-11-11 21:26:33 UTC | 501 | IN | HTTP/1.1 200 OK
Server: nginx
Date: Mon, 11 Nov 2024 21:26:33 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:33 UTC | 50 | IN | Data Raw: 32 37 0d 0a 7b 22 73 74 61 74 65 22 3a 22 6f 6b 22 2c 22 72 65 73 75 6c 74 22 3a 7b 22 69 73 44 65 76 22 3a 66 61 6c 73 65 7d 7d 0d 0a 30 0d 0a 0d 0a
Data Ascii: 27{"state":"ok","result":{"isDev":false}}0


Session ID | Source IP | Source Port | Destination IP | Destination Port
105 | 192.168.2.5 | 57566 | 104.248.126.225 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:33 UTC | 793 | OUT | GET /pixel.gif?evt_src=fa_notifications&evt_action=created&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&ncrd=1731360391931&user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/122.0.0.0%20Safari/537.36 HTTP/1.1
Host: pcapp.store
Connection: keep-alive
sec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Accept-Encoding: gzip, deflate, br
Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-11-11 21:26:33 UTC | 302 | IN | HTTP/1.1 200 OK
Server: nginx
Date: Mon, 11 Nov 2024 21:26:33 GMT
Content-Type: image/gif
Content-Length: 42
Connection: close
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:33 UTC | 42 | IN | Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
Data Ascii: GIF89a!,D;


Session ID | Source IP | Source Port | Destination IP | Destination Port
106 | 192.168.2.5 | 57568 | 142.250.64.74 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:34 UTC | 473 | OUT | POST /v1:GetModels?key=dummytoken HTTP/1.1
Host: optimizationguide-pa.googleapis.com
Connection: keep-alive
Content-Length: 747
Content-Type: application/x-protobuf
X-Client-Data: CI32ygE=
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
Accept-Encoding: gzip, deflate, br
Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-11-11 21:26:34 UTC | 747 | OUT | Data Raw: 0a 04 08 09 20 0f 0a 04 08 0d 20 0f 0a 65 08 0f 20 0f 32 5f 0a 57 74 79 70 65 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 67 6f 6f 67 6c 65 2e 69 6e 74 65 72 6e 61 6c 2e 63 68 72 6f 6d 65 2e 6f 70 74 69 6d 69 7a 61 74 69 6f 6e 67 75 69 64 65 2e 76 31 2e 50 61 67 65 54 6f 70 69 63 73 4d 6f 64 65 6c 4d 65 74 61 64 61 74 61 12 04 08 02 30 02 0a 67 08 10 20 0f 32 61 0a 59 74 79 70 65 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 67 6f 6f 67 6c 65 2e 69 6e 74 65 72 6e 61 6c 2e 63 68 72 6f 6d 65 2e 6f 70 74 69 6d 69 7a 61 74 69 6f 6e 67 75 69 64 65 2e 76 31 2e 53 65 67 6d 65 6e 74 61 74 69 6f 6e 4d 6f 64 65 6c 4d 65 74 61 64 61 74 61 12 04 4a 02 10 03 0a 04 08 14 20 0f 0a 67 08 15 20 0f 32 61 0a 59 74 79 70 65 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d
Data Ascii: e 2_Wtype.googleapis.com/google.internal.chrome.optimizationguide.v1.PageTopicsModelMetadata0g 2aYtype.googleapis.com/google.internal.chrome.optimizationguide.v1.SegmentationModelMetadataJ g 2aYtype.googleapis.com
2024-11-11 21:26:34 UTC | 409 | IN | HTTP/1.1 400 Bad Request
Vary: X-Origin
Vary: Referer
Content-Type: application/x-protobuf
Date: Mon, 11 Nov 2024 21:26:34 GMT
Server: ESF
Cache-Control: private
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Accept-Ranges: none
Vary: Origin,Accept-Encoding
Connection: close
Transfer-Encoding: chunked
2024-11-11 21:26:34 UTC | 184 | IN | Data Raw: 62 32 0d 0a 08 03 12 2f 41 50 49 20 6b 65 79 20 6e 6f 74 20 76 61 6c 69 64 2e 20 50 6c 65 61 73 65 20 70 61 73 73 20 61 20 76 61 6c 69 64 20 41 50 49 20 6b 65 79 2e 1a 7d 0a 28 74 79 70 65 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 2f 67 6f 6f 67 6c 65 2e 72 70 63 2e 45 72 72 6f 72 49 6e 66 6f 12 51 0a 0f 41 50 49 5f 4b 45 59 5f 49 4e 56 41 4c 49 44 12 0e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 1a 2e 0a 07 73 65 72 76 69 63 65 12 23 6f 70 74 69 6d 69 7a 61 74 69 6f 6e 67 75 69 64 65 2d 70 61 2e 67 6f 6f 67 6c 65 61 70 69 73 2e 63 6f 6d 0d 0a
Data Ascii: b2/API key not valid. Please pass a valid API key.}(type.googleapis.com/google.rpc.ErrorInfoQAPI_KEY_INVALIDgoogleapis.com.service#optimizationguide-pa.googleapis.com
2024-11-11 21:26:34 UTC | 5 | IN | Data Raw: 30 0d 0a 0d 0a
Data Ascii: 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
107 | 192.168.2.5 | 57569 | 104.248.126.225 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:34 UTC | 586 | OUT | GET /images/front_img/logo/logo-light.svg HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
                                                                                                                                                                                                                                                                                    Cookie: finishInstallInApp=done
2024-11-11 21:26:34 UTC | 300 | IN | HTTP/1.1 301 Moved Permanently
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:34 GMT
                                                                                                                                                                                                                                                                                    Content-Type: text/html
                                                                                                                                                                                                                                                                                    Content-Length: 162
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Location: https://repository.pcapp.store/pcapp/images/front_img/logo/logo-light.svg
                                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                    2024-11-11 21:26:34 UTC162INData Raw: 3c 68 74 6d 6c 3e 0d 0a 3c 68 65 61 64 3e 3c 74 69 74 6c 65 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 74 69 74 6c 65 3e 3c 2f 68 65 61 64 3e 0d 0a 3c 62 6f 64 79 3e 0d 0a 3c 63 65 6e 74 65 72 3e 3c 68 31 3e 33 30 31 20 4d 6f 76 65 64 20 50 65 72 6d 61 6e 65 6e 74 6c 79 3c 2f 68 31 3e 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 68 72 3e 3c 63 65 6e 74 65 72 3e 6e 67 69 6e 78 3c 2f 63 65 6e 74 65 72 3e 0d 0a 3c 2f 62 6f 64 79 3e 0d 0a 3c 2f 68 74 6d 6c 3e 0d 0a
                                                                                                                                                                                                                                                                                    Data Ascii: <html><head><title>301 Moved Permanently</title></head><body><center><h1>301 Moved Permanently</h1></center><hr><center>nginx</center></body></html>


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
108 | 192.168.2.5 | 57570 | 167.99.235.203 | 443 | 7972 | C:\Users\user\PCAppStore\PcAppStore.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:34 UTC | 196 | OUT | GET /notify_app_v2.php?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&lastid=0&lasttime=0&end_v=fa.1092c&nocache=5655328 HTTP/1.1
                                                                                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                                                                                    User-Agent: WinHTTP 1.0
                                                                                                                                                                                                                                                                                    Host: pcapp.store
2024-11-11 21:26:34 UTC | 509 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:34 GMT
                                                                                                                                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:34 UTC | 12 | IN | Data Raw: 32 0d 0a 23 0a 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                    Data Ascii: 2#0


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
109 | 192.168.2.5 | 57573 | 209.222.21.115 | 443 | 612 | C:\Program Files\Google\Chrome\Application\chrome.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:34 UTC | 543 | OUT | GET /api/api.php HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-US,en;q=0.9
                                                                                                                                                                                                                                                                                    Cookie: _fcid=1731354202975821; guid=2ED92742-89DC-DD72-92E8-869FA5A66493; _ga_VFQWFX3X1C=GS1.1.1731360322.1.0.1731360322.60.0.0; _ga=GA1.1.367951386.1731360323; _gcl_au=1.1.1387167454.1731360324
2024-11-11 21:26:34 UTC | 211 | IN | HTTP/1.1 404 Not Found
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:34 GMT
                                                                                                                                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
2024-11-11 21:26:34 UTC | 5 | IN | Data Raw: 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                    Data Ascii: 0


Session ID | Source IP | Source Port | Destination IP | Destination Port
110 | 192.168.2.5 | 57574 | 104.248.126.225 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:34 UTC | 790 | OUT | GET /pixel.gif?evt_src=fa_menu_store&evt_action=created&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&ncrd=1731360391937&user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/122.0.0.0%20Safari/537.36 HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-11-11 21:26:34 UTC | 302 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:34 GMT
                                                                                                                                                                                                                                                                                    Content-Type: image/gif
                                                                                                                                                                                                                                                                                    Content-Length: 42
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
                                                                                                                                                                                                                                                                                    2024-11-11 21:26:34 UTC42INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                    Data Ascii: GIF89a!,D;


Session ID | Source IP | Source Port | Destination IP | Destination Port
111 | 192.168.2.5 | 57575 | 104.248.126.225 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:34 UTC | 788 | OUT | GET /pixel.gif?evt_src=fa_settings&evt_action=created&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&ncrd=1731360391941&user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/122.0.0.0%20Safari/537.36 HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-11-11 21:26:34 UTC | 302 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:34 GMT
                                                                                                                                                                                                                                                                                    Content-Type: image/gif
                                                                                                                                                                                                                                                                                    Content-Length: 42
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:34 UTC | 42 | IN | Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                    Data Ascii: GIF89a!,D;


Session ID | Source IP | Source Port | Destination IP | Destination Port
112 | 192.168.2.5 | 57578 | 104.248.126.225 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:34 UTC | 786 | OUT | GET /pixel.gif?evt_src=fa_widget&evt_action=created&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&ncrd=1731360391946&user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/122.0.0.0%20Safari/537.36 HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-11-11 21:26:34 UTC | 302 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:34 GMT
                                                                                                                                                                                                                                                                                    Content-Type: image/gif
                                                                                                                                                                                                                                                                                    Content-Length: 42
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:34 UTC | 42 | IN | Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                    Data Ascii: GIF89a!,D;


Session ID | Source IP | Source Port | Destination IP | Destination Port
113 | 192.168.2.5 | 57577 | 104.248.126.225 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:34 UTC | 791 | OUT | GET /pixel.gif?evt_src=fa_menu_search&evt_action=created&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&ncrd=1731360391948&user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/122.0.0.0%20Safari/537.36 HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-11-11 21:26:34 UTC | 302 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:34 GMT
                                                                                                                                                                                                                                                                                    Content-Type: image/gif
                                                                                                                                                                                                                                                                                    Content-Length: 42
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:34 UTC | 42 | IN | Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                    Data Ascii: GIF89a!,D;


Session ID | Source IP | Source Port | Destination IP | Destination Port
114 | 192.168.2.5 | 57584 | 104.248.126.225 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:34 UTC | 791 | OUT | GET /pixel.gif?evt_src=fa_main_window&evt_action=created&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&ncrd=1731360391951&user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/122.0.0.0%20Safari/537.36 HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-11-11 21:26:34 UTC  302  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:34 GMT
                                                                                                                                                                                                                                                                                    Content-Type: image/gif
                                                                                                                                                                                                                                                                                    Content-Length: 42
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:34 UTC  42  IN  Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                    Data Ascii: GIF89a!,D;


Session ID  Source IP  Source Port  Destination IP  Destination Port
115  192.168.2.5  57585  79.127.206.234  443
Timestamp  Bytes transferred  Direction  Data
2024-11-11 21:26:34 UTC  566  OUT  GET /pcapp/images/3rdparty/offer_1515_win10.png HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: repcdn.pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-11-11 21:26:34 UTC  669  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:34 GMT
                                                                                                                                                                                                                                                                                    Content-Type: application/octet-stream
                                                                                                                                                                                                                                                                                    Content-Length: 44578
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    x-amz-id-2: UNVCLtQ1g29iwdF5H6RVYVEO79IFsgXbPSEkvWGhV9HlTcELNxpYPsymsaFvI0xO1OuKn7b47QiscZDryytn0tZOOOLcjawYTKnhmTm+dgY=
                                                                                                                                                                                                                                                                                    x-amz-request-id: 323MPS374VTKFCRY
                                                                                                                                                                                                                                                                                    Last-Modified: Tue, 25 Jul 2023 13:30:53 GMT
                                                                                                                                                                                                                                                                                    ETag: "e0855f4d7f014155f14b1b189cba7b5f"
                                                                                                                                                                                                                                                                                    x-amz-server-side-encryption: AES256
                                                                                                                                                                                                                                                                                    x-amz-version-id: SzzS16XmEUTiwDpzzd7usPAzvOHjwybx
                                                                                                                                                                                                                                                                                    X-77-NZT: EgwBT3/O6QH3TtwKAAwBnJI76AG3P2QGAA
                                                                                                                                                                                                                                                                                    X-77-NZT-Ray: f03d0613b030f93d8a7632675f47e123
                                                                                                                                                                                                                                                                                    X-77-Cache: HIT
                                                                                                                                                                                                                                                                                    X-77-Age: 711758
                                                                                                                                                                                                                                                                                    Server: CDN77-Turbo
                                                                                                                                                                                                                                                                                    X-77-POP: newyorkUSNY
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes


Session ID  Source IP  Source Port  Destination IP  Destination Port
116  192.168.2.5  57586  104.248.126.225  443
Timestamp  Bytes transferred  Direction  Data
2024-11-11 21:26:34 UTC  785  OUT  GET /pixel.gif?evt_src=fa_offer&evt_action=created&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&ncrd=1731360391953&user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/122.0.0.0%20Safari/537.36 HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
2024-11-11 21:26:34 UTC  302  IN  HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:34 GMT
                                                                                                                                                                                                                                                                                    Content-Type: image/gif
                                                                                                                                                                                                                                                                                    Content-Length: 42
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:34 UTC  42  IN  Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                    Data Ascii: GIF89a!,D;


Session ID  Source IP  Source Port  Destination IP  Destination Port
117  192.168.2.5  57587  79.127.206.207  443
Timestamp  Bytes transferred  Direction  Data
2024-11-11 21:26:34 UTC  570  OUT  GET /pcapp/images/front_img/logo/logo-light.svg HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: repository.pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
                                                                                                                                                                                                                                                                                    2024-11-11 21:26:34 UTC648INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:34 GMT
                                                                                                                                                                                                                                                                                    Content-Type: image/svg+xml
                                                                                                                                                                                                                                                                                    Content-Length: 3133
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    x-amz-id-2: IovdH67eUS4bv5B4AFoWKYkI6zRt6y1CdwBj+Yb2EMluHeLHOvXeVK3CTKa5OlJOK9YUr5GmQfU=
                                                                                                                                                                                                                                                                                    x-amz-request-id: KW2PAXQ2XW0JHCVQ
                                                                                                                                                                                                                                                                                    Last-Modified: Fri, 25 Oct 2024 10:03:39 GMT
                                                                                                                                                                                                                                                                                    ETag: "b99ea1348ed2a5b6f3a5a651b4750bd4"
                                                                                                                                                                                                                                                                                    x-amz-server-side-encryption: AES256
                                                                                                                                                                                                                                                                                    x-amz-version-id: SMRUSHzcQUc1AQdQoZMJlRJHP.H4FUVX
                                                                                                                                                                                                                                                                                    X-77-NZT: EgwBT3/OzgH3PKcIAAwBnJI76AG3CQAAAA
                                                                                                                                                                                                                                                                                    X-77-NZT-Ray: 8705ec34833b9c2e8a7632678e6ab433
                                                                                                                                                                                                                                                                                    X-77-Cache: HIT
                                                                                                                                                                                                                                                                                    X-77-Age: 567100
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Server: CDN77-Turbo
                                                                                                                                                                                                                                                                                    X-77-POP: newyorkUSNY
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    2024-11-11 21:26:34 UTC3133INData Raw: 3c 73 76 67 20 77 69 64 74 68 3d 22 39 30 22 20 68 65 69 67 68 74 3d 22 39 30 22 20 76 69 65 77 42 6f 78 3d 22 30 20 30 20 39 30 20 39 30 22 20 66 69 6c 6c 3d 22 6e 6f 6e 65 22 20 78 6d 6c 6e 73 3d 22 68 74 74 70 3a 2f 2f 77 77 77 2e 77 33 2e 6f 72 67 2f 32 30 30 30 2f 73 76 67 22 3e 0a 3c 70 61 74 68 20 64 3d 22 4d 30 20 33 32 43 30 20 32 30 2e 37 39 38 39 20 30 20 31 35 2e 31 39 38 34 20 32 2e 31 37 39 38 37 20 31 30 2e 39 32 30 32 43 34 2e 30 39 37 33 34 20 37 2e 31 35 36 39 35 20 37 2e 31 35 36 39 35 20 34 2e 30 39 37 33 34 20 31 30 2e 39 32 30 32 20 32 2e 31 37 39 38 37 43 31 35 2e 31 39 38 34 20 30 20 32 30 2e 37 39 39 20 30 20 33 32 20 30 48 35 38 43 36 39 2e 32 30 31 20 30 20 37 34 2e 38 30 31 36 20 30 20 37 39 2e 30 37 39 38 20 32 2e 31 37 39 38
                                                                                                                                                                                                                                                                                    Data Ascii: <svg width="90" height="90" viewBox="0 0 90 90" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M0 32C0 20.7989 0 15.1984 2.17987 10.9202C4.09734 7.15695 7.15695 4.09734 10.9202 2.17987C15.1984 0 20.799 0 32 0H58C69.201 0 74.8016 0 79.0798 2.1798


                                                                                                                                                                                                                                                                                    Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                                                                    118 | 192.168.2.5 | 57588 | 104.248.126.225 | 443
                                                                                                                                                                                                                                                                                    Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                                                                    2024-11-11 21:26:34 UTC | 786 | OUT | GET /pixel.gif?evt_src=fa_topbar&evt_action=created&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&ncrd=1731360391956&user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/122.0.0.0%20Safari/537.36 HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
                                                                                                                                                                                                                                                                                    2024-11-11 21:26:34 UTC302INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:34 GMT
                                                                                                                                                                                                                                                                                    Content-Type: image/gif
                                                                                                                                                                                                                                                                                    Content-Length: 42
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
                                                                                                                                                                                                                                                                                    2024-11-11 21:26:34 UTC42INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                    Data Ascii: GIF89a!,D;


                                                                                                                                                                                                                                                                                    Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                                                                    119 | 192.168.2.5 | 57590 | 104.248.126.225 | 443
                                                                                                                                                                                                                                                                                    Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                                                                    2024-11-11 21:26:34 UTC | 868 | OUT | GET /pixel.gif?evt_src=fa_offer&evt_action=show_welcome&count_show=true&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&oid=1831&otype=startmenu&p=a&ncrd=1731360393879&user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/122.0.0.0%20Safari/537.36 HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
                                                                                                                                                                                                                                                                                    Cookie: finishInstallInApp=done
                                                                                                                                                                                                                                                                                    2024-11-11 21:26:35 UTC302INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:35 GMT
                                                                                                                                                                                                                                                                                    Content-Type: image/gif
                                                                                                                                                                                                                                                                                    Content-Length: 42
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
                                                                                                                                                                                                                                                                                    2024-11-11 21:26:35 UTC42INData Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                    Data Ascii: GIF89a!,D;


                                                                                                                                                                                                                                                                                    Session ID | Source IP | Source Port | Destination IP | Destination Port
                                                                                                                                                                                                                                                                                    120 | 192.168.2.5 | 57592 | 104.248.126.225 | 443
                                                                                                                                                                                                                                                                                    Timestamp | Bytes transferred | Direction | Data
                                                                                                                                                                                                                                                                                    2024-11-11 21:26:35 UTC | 823 | OUT | GET /pixel.gif?evt_src=fa_menu_store&evt_action=updated&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&ncrd=1731360393947&user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/122.0.0.0%20Safari/537.36 HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Accept-Encoding: gzip, deflate, br
Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
Cookie: finishInstallInApp=done
2024-11-11 21:26:35 UTC | 302 | IN | HTTP/1.1 200 OK
Server: nginx
Date: Mon, 11 Nov 2024 21:26:35 GMT
Content-Type: image/gif
Content-Length: 42
Connection: close
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:35 UTC | 42 | IN | Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
Data Ascii: GIF89a!,D;


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
121 | 192.168.2.5 | 57593 | 147.182.211.77 | 443 | 7972 | C:\Users\user\PCAppStore\PcAppStore.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:35 UTC | 480 | OUT | GET /p.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_pcdetails&evt_action=ext_chrome&data=%5B%22ahfgeienlihckogmohjhadlkjgocpleb%22,%22gdaefkejpgkiemlaofpalmlakkmbjdnl%22,%22mhjfbmdgcfjbbpaeojofohoefgiehjai%22,%22neajdppkdcdipfabeoofebfddakdcjhd%22,%22nkeimhogjdpnpccoofpliimaahmaaome%22,%22nmmhkkegccagdldgiimedpiccmgmieda%22%5D&eng_time=1731365754036&nocache=5656875 HTTP/1.1
Connection: Keep-Alive
User-Agent: WinHTTP 1.0
Host: ev.pcapp.store
2024-11-11 21:26:35 UTC | 541 | IN | HTTP/1.1 200 OK
Server: nginx
Date: Mon, 11 Nov 2024 21:26:35 GMT
Content-Type: image/gif
Content-Length: 42
Connection: close
Last-Modified: Thu, 26 May 2022 12:48:19 GMT
ETag: "d89746888da2d9510b64a9f031eaecd5"
x-amz-version-id: null
Accept-Ranges: bytes
X-Cache: Hit from cloudfront
Via: 1.1 94344436af750794f6bc9899d89d3a0a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: EWR53-C2
X-Amz-Cf-Id: UwKUl4uPn7a4zVJd8nweDeywRLrZCxN6yfkB28nR-H3FYczEHDnWbQ==
Age: 40428
Strict-Transport-Security: max-age=31536000; includeSubDomains
2024-11-11 21:26:35 UTC | 42 | IN | Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
Data Ascii: GIF89a!,D;


Session ID | Source IP | Source Port | Destination IP | Destination Port
122 | 192.168.2.5 | 57594 | 18.239.94.39 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:35 UTC | 821 | OUT | GET /p.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=watch_dog&evt_action=signal_event&data={"counter":0,"rid":"20241111162608.285630578","isPCAppRunning":1,"isNWStoreRunning":1,"registryInfo":{"pcAppInAutostart":1},"filesystemInfo":{"uiFolderExists":1,"uiFilesCount":55,"nwjsFolderExists":1,"nwjsFilesCount":132,"AutoUpdaterExeExists":1,"PcAppStoreExeExists":1,"pcappstoreIcoExists":1,"UninstallerExeExists":1,"NW_storeExeExists":1,"startupFolderLnkExists":1}}&eng_time=1731360394&nocache=5546 HTTP/1.1
Accept: */*
UA-CPU: AMD64
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; Win64; x64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
Host: d74queuslupub.cloudfront.net
Connection: Keep-Alive
2024-11-11 21:26:35 UTC | 479 | IN | HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 42
Connection: close
Last-Modified: Thu, 26 May 2022 12:48:19 GMT
x-amz-version-id: null
Accept-Ranges: bytes
Server: AmazonS3
Date: Mon, 11 Nov 2024 06:25:14 GMT
ETag: "d89746888da2d9510b64a9f031eaecd5"
X-Cache: Hit from cloudfront
Via: 1.1 b5831686bbaffa69458853f1db0eca2a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-P3
X-Amz-Cf-Id: N5G90_r9jeDqW-q9VQ79ARp0V0l2EJbI6DPdIZJGxQ_j_KjzzsapyQ==
Age: 54082
2024-11-11 21:26:35 UTC | 42 | IN | Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
Data Ascii: GIF89a!,D;


Session ID | Source IP | Source Port | Destination IP | Destination Port
123 | 192.168.2.5 | 57595 | 104.248.126.225 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:35 UTC | 831 | OUT | GET /pixel.gif?evt_src=fa_menu_store&evt_action=open_start_menu&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&ncrd=1731360394919&user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/122.0.0.0%20Safari/537.36 HTTP/1.1
Host: pcapp.store
Connection: keep-alive
sec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: none
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Accept-Encoding: gzip, deflate, br
Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
Cookie: finishInstallInApp=done
2024-11-11 21:26:36 UTC | 302 | IN | HTTP/1.1 200 OK
Server: nginx
Date: Mon, 11 Nov 2024 21:26:35 GMT
Content-Type: image/gif
Content-Length: 42
Connection: close
Strict-Transport-Security: max-age=31536000; includeSubDomains
Accept-Ranges: bytes
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:36 UTC | 42 | IN | Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
Data Ascii: GIF89a!,D;


Session ID | Source IP | Source Port | Destination IP | Destination Port
124 | 192.168.2.5 | 57596 | 104.248.126.225 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:36 UTC | 820 | OUT | GET /pixel.gif?evt_src=fa_menu_store&evt_action=show&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&ncrd=1731360395551&user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/122.0.0.0%20Safari/537.36 HTTP/1.1
Host: pcapp.store
Connection: keep-alive
sec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
                                                                                                                                                                                                                                                                                    Cookie: finishInstallInApp=done
2024-11-11 21:26:36 UTC | 302 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:36 GMT
                                                                                                                                                                                                                                                                                    Content-Type: image/gif
                                                                                                                                                                                                                                                                                    Content-Length: 42
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:36 UTC | 42 | IN | Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                    Data Ascii: GIF89a!,D;


Session ID: 125 | Source IP: 192.168.2.5 | Source Port: 57597 | Destination IP: 147.182.211.77 | Destination Port: 443 | PID: 7972 | Process: C:\Users\user\PCAppStore\PcAppStore.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:36 UTC | 673 | OUT | GET /p.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_pcdetails&evt_action=ext_edge&data=%5B%22ahfgeienlihckogmohjhadlkjgocpleb%22,%22dgiklkfkllikcanfonkcabmbdfmgleag%22,%22fikbjbembnmfhppjfnmfkahdhfohhjmg%22,%22ghbmnnjooekpmoecnnnilnnbdlolhkhi%22,%22iglcjdemknebjbklcgkfaebgojjphkec%22,%22ihmafllikibpmigkcoadcmckbfhibefp%22,%22jdiccldimpdaibmpdkjnbmckianbfold%22,%22jmjflgjpcpepeafmmgdpfkogkghcpiha%22,%22mhjfbmdgcfjbbpaeojofohoefgiehjai%22,%22ncbjelpjchkpbikbpkcchkhkblodoama%22,%22nkeimhogjdpnpccoofpliimaahmaaome%22%5D&eng_time=1731365754051&nocache=5658546 HTTP/1.1
                                                                                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                                                                                    User-Agent: WinHTTP 1.0
                                                                                                                                                                                                                                                                                    Host: ev.pcapp.store
2024-11-11 21:26:37 UTC | 541 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:37 GMT
                                                                                                                                                                                                                                                                                    Content-Type: image/gif
                                                                                                                                                                                                                                                                                    Content-Length: 42
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Last-Modified: Thu, 26 May 2022 12:48:19 GMT
                                                                                                                                                                                                                                                                                    ETag: "d89746888da2d9510b64a9f031eaecd5"
                                                                                                                                                                                                                                                                                    x-amz-version-id: null
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    X-Cache: Hit from cloudfront
                                                                                                                                                                                                                                                                                    Via: 1.1 17a3c2535aa705a7b5a80b78b876c79a.cloudfront.net (CloudFront)
                                                                                                                                                                                                                                                                                    X-Amz-Cf-Pop: EWR53-C2
                                                                                                                                                                                                                                                                                    X-Amz-Cf-Id: nDYxEcTJSbWIibDngtJ1E3ZE2LwlIgV5PjFkPnb9JTon2ECz9rAJiw==
                                                                                                                                                                                                                                                                                    Age: 40430
                                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
2024-11-11 21:26:37 UTC | 42 | IN | Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                    Data Ascii: GIF89a!,D;


Session ID: 126 | Source IP: 192.168.2.5 | Source Port: 57598 | Destination IP: 204.79.197.222 | Destination Port: 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:37 UTC | 153 | OUT | GET /conf/v1/asgw/fpconfig.min.json HTTP/1.1
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                    Host: fp.msedge.net
                                                                                                                                                                                                                                                                                    If-None-Match: "392184522"
                                                                                                                                                                                                                                                                                    Connection: Keep-Alive
2024-11-11 21:26:37 UTC | 398 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Cache-Control: public,max-age=900
                                                                                                                                                                                                                                                                                    Content-Length: 20067
                                                                                                                                                                                                                                                                                    Content-Type: application/json; charset=utf-8
                                                                                                                                                                                                                                                                                    ETag: "636942090"
                                                                                                                                                                                                                                                                                    Request-Context: appId=cid-v1:b183296d-485b-49fc-81c7-a511e61d1309
                                                                                                                                                                                                                                                                                    X-Cache: CONFIG_NOCACHE
                                                                                                                                                                                                                                                                                    X-MSEdge-Ref: Ref A: 0D7B0BAF142040BBA2510A44A2C45581 Ref B: EWR311000101011 Ref C: 2024-11-11T21:26:37Z
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:36 GMT
                                                                                                                                                                                                                                                                                    Connection: close


Session ID: 127 | Source IP: 192.168.2.5 | Source Port: 57601 | Destination IP: 104.248.126.225 | Destination Port: 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:38 UTC | 821 | OUT | GET /pixel.gif?evt_src=fa_menu_store&evt_action=close&guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&ncrd=1731360397555&user-agent=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/122.0.0.0%20Safari/537.36 HTTP/1.1
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: keep-alive
                                                                                                                                                                                                                                                                                    sec-ch-ua: "Not(A:Brand";v="24", "Chromium";v="122"
                                                                                                                                                                                                                                                                                    sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
                                                                                                                                                                                                                                                                                    sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                    Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                                                                                                                                                                                                                                                                    Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                    Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                    Sec-Fetch-Dest: image
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    Accept-Language: en-GB,en-US;q=0.9,en;q=0.8
                                                                                                                                                                                                                                                                                    Cookie: finishInstallInApp=done
2024-11-11 21:26:38 UTC | 302 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:38 GMT
                                                                                                                                                                                                                                                                                    Content-Type: image/gif
                                                                                                                                                                                                                                                                                    Content-Length: 42
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:38 UTC | 42 | IN | Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                    Data Ascii: GIF89a!,D;


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
128 | 192.168.2.5 | 57602 | 167.99.235.203 | 443 | 7972 | C:\Users\user\PCAppStore\PcAppStore.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:38 UTC | 243 | OUT | GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_product&evt_action=notify_widget_hide&&eng_time=1731365754139&nocache=5660187 HTTP/1.1
                                                                                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                                                                                    User-Agent: WinHTTP 1.0
                                                                                                                                                                                                                                                                                    Host: pcapp.store
2024-11-11 21:26:38 UTC | 302 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:38 GMT
                                                                                                                                                                                                                                                                                    Content-Type: image/gif
                                                                                                                                                                                                                                                                                    Content-Length: 42
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:38 UTC | 42 | IN | Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                    Data Ascii: GIF89a!,D;


Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process
129 | 192.168.2.5 | 57605 | 167.99.235.203 | 443 | 7972 | C:\Users\user\PCAppStore\PcAppStore.exe
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:40 UTC | 241 | OUT | GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_product&evt_action=contextual_offer&&eng_time=1731365755291&nocache=5661750 HTTP/1.1
                                                                                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                                                                                    User-Agent: WinHTTP 1.0
                                                                                                                                                                                                                                                                                    Host: pcapp.store
2024-11-11 21:26:40 UTC | 302 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:40 GMT
                                                                                                                                                                                                                                                                                    Content-Type: image/gif
                                                                                                                                                                                                                                                                                    Content-Length: 42
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:40 UTC | 42 | IN | Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                    Data Ascii: GIF89a!,D;


Session ID | Source IP | Source Port | Destination IP | Destination Port
130 | 192.168.2.5 | 57607 | 13.107.213.254 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:40 UTC | 484 | OUT | GET /apc/trans.gif?0aa5491d47a14825fdf2da9985333f54 HTTP/1.1
                                                                                                                                                                                                                                                                                    Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                                                                                                                                                                                                    Accept: image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
                                                                                                                                                                                                                                                                                    Accept-Language: en-CH
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                                    Host: t-ring-s2.msedge.net
                                                                                                                                                                                                                                                                                    Connection: Keep-Alive
2024-11-11 21:26:40 UTC | 314 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:40 GMT
                                                                                                                                                                                                                                                                                    Content-Type: image/gif
                                                                                                                                                                                                                                                                                    Content-Length: 43
                                                                                                                                                                                                                                                                                    Last-Modified: Fri, 08 Nov 2024 12:58:45 GMT
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    ETag: "672e0b05-2b"
                                                                                                                                                                                                                                                                                    x-azure-ref: 20241111T212640Z-174f7845968nnm4mhC1EWR1rn400000005f000000000a2zt
                                                                                                                                                                                                                                                                                    X-Cache: CONFIG_NOCACHE
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
2024-11-11 21:26:40 UTC | 43 | IN | Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 ff ff ff 00 00 00 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 02 44 01 00 3b
                                                                                                                                                                                                                                                                                    Data Ascii: GIF89a!,D;


Session ID | Source IP | Source Port | Destination IP | Destination Port
131 | 192.168.2.5 | 57608 | 23.1.237.91 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:40 UTC | 1961 | OUT | POST /threshold/xls.aspx HTTP/1.1
                                                                                                                                                                                                                                                                                    Origin: https://www.bing.com
                                                                                                                                                                                                                                                                                    Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    Accept-Language: en-CH
                                                                                                                                                                                                                                                                                    Content-type: text/xml
                                                                                                                                                                                                                                                                                    X-Agent-DeviceId: 01000A410900D492
                                                                                                                                                                                                                                                                                    X-BM-CBT: 1696428841
                                                                                                                                                                                                                                                                                    X-BM-DateFormat: dd/MM/yyyy
                                                                                                                                                                                                                                                                                    X-BM-DeviceDimensions: 784x984
                                                                                                                                                                                                                                                                                    X-BM-DeviceDimensionsLogical: 784x984
                                                                                                                                                                                                                                                                                    X-BM-DeviceScale: 100
                                                                                                                                                                                                                                                                                    X-BM-DTZ: 120
                                                                                                                                                                                                                                                                                    X-BM-Market: CH
                                                                                                                                                                                                                                                                                    X-BM-Theme: 000000;0078d7
                                                                                                                                                                                                                                                                                    X-BM-WindowsFlights: FX:117B9872,FX:119E26AD,FX:11C0E96C,FX:11C6E5C2,FX:11C7EB6A,FX:11C9408A,FX:11C940DB,FX:11CB9A9F,FX:11CB9AC1,FX:11CC111C,FX:11D5BFCD,FX:11DF5B12,FX:11DF5B75,FX:1240931B,FX:124B38D0,FX:127FC878,FX:1283FFE8,FX:12840617,FX:128979F9,FX:128EBD7E,FX:129135BB,FX:129E053F,FX:12A74DB5,FX:12AB734D,FX:12B8450E,FX:12BD6E73,FX:12C3331B,FX:12C7D66E
                                                                                                                                                                                                                                                                                    X-Device-ClientSession: DB0AFB19004F47BC80E5208C7478FF22
                                                                                                                                                                                                                                                                                    X-Device-isOptin: false
                                                                                                                                                                                                                                                                                    X-Device-MachineId: {92C86F7C-DB2B-4F6A-95AD-98B4A2AE008A}
                                                                                                                                                                                                                                                                                    X-Device-OSSKU: 48
                                                                                                                                                                                                                                                                                    X-Device-Touch: false
                                                                                                                                                                                                                                                                                    X-DeviceID: 01000A410900D492
                                                                                                                                                                                                                                                                                    X-MSEdge-ExternalExp: d-thshld39,d-thshld42,d-thshld77,d-thshld78,staticsh
                                                                                                                                                                                                                                                                                    X-MSEdge-ExternalExpType: JointCoord
                                                                                                                                                                                                                                                                                    X-PositionerType: Desktop
                                                                                                                                                                                                                                                                                    X-Search-AppId: Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI
                                                                                                                                                                                                                                                                                    X-Search-CortanaAvailableCapabilities: None
                                                                                                                                                                                                                                                                                    X-Search-SafeSearch: Moderate
                                                                                                                                                                                                                                                                                    X-Search-TimeZone: Bias=-60; DaylightBias=-60; TimeZoneKeyName=W. Europe Standard Time
                                                                                                                                                                                                                                                                                    X-UserAgeClass: Unknown
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                                    Host: www.bing.com
                                                                                                                                                                                                                                                                                    Content-Length: 1803
                                                                                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                                                                                    Cache-Control: no-cache
                                                                                                                                                                                                                                                                                    Cookie: MUID=2F4E96DB8B7049E59AD4484C3C00F7CF; _SS=SID=1A6DEABB468B65843EB5F91B47916435&CPID=1731360301006&AC=1&CPH=d1a4eb75; _EDGE_S=SID=1A6DEABB468B65843EB5F91B47916435; SRCHHPGUSR=SRCHLANG=en&IPMH=986d886c&IPMID=1696428841029&HV=1696428756
2024-11-11 21:26:40 UTC | 1803 | OUT | Data Raw: 3c 43 6c 69 65 6e 74 49 6e 73 74 52 65 71 75 65 73 74 3e 3c 43 49 44 3e 33 36 34 34 46 44 37 34 44 46 31 36 36 31 38 46 30 38 46 37 45 43 30 33 44 45 35 35 36 30 30 31 3c 2f 43 49 44 3e 3c 45 76 65 6e 74 73 3e 3c 45 3e 3c 54 3e 45 76 65 6e 74 2e 43 6c 69 65 6e 74 49 6e 73 74 3c 2f 54 3e 3c 49 47 3e 37 35 32 32 38 31 35 36 37 30 33 41 34 30 44 35 42 39 37 45 35 41 36 38 33 36 46 32 41 31 43 45 3c 2f 49 47 3e 3c 44 3e 3c 21 5b 43 44 41 54 41 5b 7b 22 43 75 72 55 72 6c 22 3a 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 62 69 6e 67 2e 63 6f 6d 2f 41 53 2f 41 50 49 2f 57 69 6e 64 6f 77 73 43 6f 72 74 61 6e 61 50 61 6e 65 2f 56 32 2f 49 6e 69 74 22 2c 22 50 69 76 6f 74 22 3a 22 51 46 22 2c 22 74 6f 74 61 6c 6e 75 6d 62 65 72 4f 66 45 6e 74 72 69 65 73 22 3a 22 30 22
                                                                                                                                                                                                                                                                                    Data Ascii: <ClientInstRequest><CID>3644FD74DF16618F08F7EC03DE556001</CID><Events><E><T>Event.ClientInst</T><IG>75228156703A40D5B97E5A6836F2A1CE</IG><D><![CDATA[{"CurUrl":"https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init","Pivot":"QF","totalnumberOfEntries":"0"
2024-11-11 21:26:40 UTC | 478 | IN | HTTP/1.1 204 No Content
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                    Accept-CH: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
                                                                                                                                                                                                                                                                                    X-MSEdge-Ref: Ref A: 8F47C8BCEE1042429453083406366D3A Ref B: LAX311000108045 Ref C: 2024-11-11T21:26:40Z
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:40 GMT
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Alt-Svc: h3=":443"; ma=93600
                                                                                                                                                                                                                                                                                    X-CDN-TraceID: 0.1eed0117.1731360400.2660d5


Session ID | Source IP | Source Port | Destination IP | Destination Port
132 | 192.168.2.5 | 57609 | 150.171.73.254 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:40 UTC | 482 | OUT | GET /apc/trans.gif?2c895810ae34135d4c9853c3a313042c HTTP/1.1
                                                                                                                                                                                                                                                                                    Referer: https://www.bing.com/AS/API/WindowsCortanaPane/V2/Init
                                                                                                                                                                                                                                                                                    Accept: image/png,image/svg+xml,image/*;q=0.8,*/*;q=0.5
                                                                                                                                                                                                                                                                                    Accept-Language: en-CH
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; Cortana 1.14.7.19041; 10.0.0.0.19045.2006) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.19045
                                                                                                                                                                                                                                                                                    Host: bx-ring.msedge.net
                                                                                                                                                                                                                                                                                    Connection: Keep-Alive
2024-11-11 21:26:41 UTC | 708 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Cache-Control: no-cache, no-store, must-revalidate
                                                                                                                                                                                                                                                                                    Content-Length: 43
                                                                                                                                                                                                                                                                                    Content-Type: image/gif
                                                                                                                                                                                                                                                                                    Last-Modified: Sun, 13 Oct 2024 09:49:27 GMT
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    ETag: 0x0DA2C2C0C44B11E89E6C66FF4F731D7D
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                    Access-Control-Expose-Headers: X-EndPoint, X-FrontEnd, X-UserHostAddress, X-MSEdge-Ref, X-MachineName
                                                                                                                                                                                                                                                                                    Timing-Allow-Origin: *
                                                                                                                                                                                                                                                                                    X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                    X-Endpoint: EWR31r5c
                                                                                                                                                                                                                                                                                    X-Frontend: AFD
                                                                                                                                                                                                                                                                                    X-Machinename: EWR311000106021
                                                                                                                                                                                                                                                                                    X-Userhostaddress: 66.23.206.0
                                                                                                                                                                                                                                                                                    X-Cache: CONFIG_NOCACHE
                                                                                                                                                                                                                                                                                    X-MSEdge-Ref: Ref A: A97BE6F3DBA5439082C557D44C51FB11 Ref B: EWR311000106021 Ref C: 2024-11-11T21:26:41Z
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:40 GMT
                                                                                                                                                                                                                                                                                    Connection: close
2024-11-11 21:26:41 UTC | 43 | IN | Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 ff ff ff 00 00 00 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 02 44 01 00 3b
                                                                                                                                                                                                                                                                                    Data Ascii: GIF89a!,D;


Session ID | Source IP | Source Port | Destination IP | Destination Port
133 | 192.168.2.5 | 57612 | 167.99.235.203 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:51 UTC | 234 | OUT | GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_auto_updater&evt_action=start&&eng_time=1731360410936&nocache=312218 HTTP/1.1
                                                                                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                                                                                    User-Agent: WinHTTP 1.0
                                                                                                                                                                                                                                                                                    Host: pcapp.store
2024-11-11 21:26:51 UTC | 302 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:51 GMT
                                                                                                                                                                                                                                                                                    Content-Type: image/gif
                                                                                                                                                                                                                                                                                    Content-Length: 42
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:51 UTC | 42 | IN | Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                    Data Ascii: GIF89a!,D;


Session ID | Source IP | Source Port | Destination IP | Destination Port
134 | 192.168.2.5 | 57613 | 167.99.235.203 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:52 UTC | 376 | OUT | GET /fa_version.php?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&end_v=fa.1092c&nocache=312796 HTTP/1.1
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    UA-CPU: AMD64
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; Win64; x64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
                                                                                                                                                                                                                                                                                    Host: pcapp.store
                                                                                                                                                                                                                                                                                    Connection: Keep-Alive
2024-11-11 21:26:52 UTC | 509 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:52 GMT
                                                                                                                                                                                                                                                                                    Content-Type: text/html; charset=UTF-8
                                                                                                                                                                                                                                                                                    Transfer-Encoding: chunked
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Vary: Accept-Encoding
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Credentials: true
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Methods: GET, POST, OPTIONS
                                                                                                                                                                                                                                                                                    Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:52 UTC | 18 | IN | Data Raw: 38 0d 0a 66 61 2e 31 30 35 39 6f 0d 0a 30 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                    Data Ascii: 8fa.1059o0


Session ID | Source IP | Source Port | Destination IP | Destination Port
135 | 192.168.2.5 | 57614 | 167.99.235.203 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:26:53 UTC | 232 | OUT | GET /pixel.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=fa_auto_updater&evt_action=end&&eng_time=1731360412294&nocache=313578 HTTP/1.1
                                                                                                                                                                                                                                                                                    Connection: Keep-Alive
                                                                                                                                                                                                                                                                                    User-Agent: WinHTTP 1.0
                                                                                                                                                                                                                                                                                    Host: pcapp.store
2024-11-11 21:26:53 UTC | 302 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Server: nginx
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 21:26:53 GMT
                                                                                                                                                                                                                                                                                    Content-Type: image/gif
                                                                                                                                                                                                                                                                                    Content-Length: 42
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
2024-11-11 21:26:53 UTC | 42 | IN | Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                    Data Ascii: GIF89a!,D;


Session ID | Source IP | Source Port | Destination IP | Destination Port
136 | 192.168.2.5 | 57615 | 18.239.94.39 | 443
Timestamp | Bytes transferred | Direction | Data
2024-11-11 21:27:00 UTC | 821 | OUT | GET /p.gif?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&version=fa.1092c&evt_src=watch_dog&evt_action=signal_event&data={"counter":0,"rid":"20241111162608.285630578","isPCAppRunning":1,"isNWStoreRunning":1,"registryInfo":{"pcAppInAutostart":1},"filesystemInfo":{"uiFolderExists":1,"uiFilesCount":55,"nwjsFolderExists":1,"nwjsFilesCount":132,"AutoUpdaterExeExists":1,"PcAppStoreExeExists":1,"pcappstoreIcoExists":1,"UninstallerExeExists":1,"NW_storeExeExists":1,"startupFolderLnkExists":1}}&eng_time=1731360419&nocache=5625 HTTP/1.1
                                                                                                                                                                                                                                                                                    Accept: */*
                                                                                                                                                                                                                                                                                    UA-CPU: AMD64
                                                                                                                                                                                                                                                                                    Accept-Encoding: gzip, deflate
                                                                                                                                                                                                                                                                                    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.2; Win64; x64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729)
                                                                                                                                                                                                                                                                                    Host: d74queuslupub.cloudfront.net
                                                                                                                                                                                                                                                                                    Connection: Keep-Alive
2024-11-11 21:27:00 UTC | 479 | IN | HTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                    Content-Type: image/gif
                                                                                                                                                                                                                                                                                    Content-Length: 42
                                                                                                                                                                                                                                                                                    Connection: close
                                                                                                                                                                                                                                                                                    Last-Modified: Thu, 26 May 2022 12:48:19 GMT
                                                                                                                                                                                                                                                                                    x-amz-version-id: null
                                                                                                                                                                                                                                                                                    Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                    Server: AmazonS3
                                                                                                                                                                                                                                                                                    Date: Mon, 11 Nov 2024 06:25:14 GMT
                                                                                                                                                                                                                                                                                    ETag: "d89746888da2d9510b64a9f031eaecd5"
                                                                                                                                                                                                                                                                                    X-Cache: Hit from cloudfront
                                                                                                                                                                                                                                                                                    Via: 1.1 92cfe9224b3a51aff944c5d8ac7bf798.cloudfront.net (CloudFront)
                                                                                                                                                                                                                                                                                    X-Amz-Cf-Pop: AMS1-P3
                                                                                                                                                                                                                                                                                    X-Amz-Cf-Id: 0iriNnqh-hWJQUnyP8ZwyXxJ2z8UkboAdHQ4YBrh65TujK3OHQYccQ==
                                                                                                                                                                                                                                                                                    Age: 54107
2024-11-11 21:27:00 UTC | 42 | IN | Data Raw: 47 49 46 38 39 61 01 00 01 00 80 00 00 00 00 00 ff ff ff 21 f9 04 01 00 00 00 00 2c 00 00 00 00 01 00 01 00 00 02 01 44 00 3b
                                                                                                                                                                                                                                                                                    Data Ascii: GIF89a!,D;


Target ID: 0
Start time: 16:25:13
Start date: 11/11/2024
Path: C:\Users\user\Desktop\Setup.exe
Wow64 process (32bit): true
Commandline: "C:\Users\user\Desktop\Setup.exe"
Imagebase: 0x400000
File size: 190'056 bytes
MD5 hash: 92C35FBE82BF7E416805C9286746AC4D
Has elevated privileges: true
Has administrator privileges: true
Programmed in: C, C++ or other language
Reputation: low
Has exited: true

Target ID: 2
Start time: 16:25:18
Start date: 11/11/2024
Path: C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit): false
Commandline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument https://pcapp.store/installing.php?guid=2ED92742-89DC-DD72-92E8-869FA5A66493&winver=19045&version=fa.1092c&nocache=20241111162518.134&_fcid=1731354202975821
Imagebase: 0x7ff715980000
File size: 3'242'272 bytes
MD5 hash: 45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges: true
Has administrator privileges: true
Programmed in: C, C++ or other language
Reputation: high
Has exited: false

Target ID: 4
Start time: 16:25:19
Start date: 11/11/2024
Path: C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit): false
Commandline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2084 --field-trial-handle=1904,i,16569833579586594677,17085664865935960481,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase: 0x7ff715980000
File size: 3'242'272 bytes
MD5 hash: 45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges: true
Has administrator privileges: true
Programmed in: C, C++ or other language
Reputation: high
Has exited: false

Target ID:5
Start time:16:25:22
Start date:11/11/2024
Path:C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):false
Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5176 --field-trial-handle=1904,i,16569833579586594677,17085664865935960481,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:0x7ff715980000
File size:3'242'272 bytes
MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:false
Has administrator privileges:false
Programmed in:C, C++ or other language
Reputation:high
Has exited:false

Target ID:6
Start time:16:25:22
Start date:11/11/2024
Path:C:\Program Files\Google\Chrome\Application\chrome.exe
Wow64 process (32bit):false
Commandline:"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5332 --field-trial-handle=1904,i,16569833579586594677,17085664865935960481,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Imagebase:0x7ff715980000
File size:3'242'272 bytes
MD5 hash:45DE480806D1B5D462A7DDE4DCEFC4E4
Has elevated privileges:true
Has administrator privileges:true
Programmed in:C, C++ or other language
Reputation:high
Has exited:true

Target ID:9
Start time:16:25:33
Start date:11/11/2024
Path:C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp
Wow64 process (32bit):true
Commandline:"C:\Users\user\AppData\Local\Temp\nsx2B3B.tmp" /internal 1731354202975821 /force
Imagebase:0x400000
File size:93'386'616 bytes
MD5 hash:84EE733F8014D22DAD2DFEF725489980
Has elevated privileges:true
Has administrator privileges:true
Programmed in:C, C++ or other language
Antivirus matches:
• Detection: 46%, ReversingLabs
Reputation:low
Has exited:true

Target ID:11
Start time:16:26:07
Start date:11/11/2024
Path:C:\Users\user\PCAppStore\PcAppStore.exe
Wow64 process (32bit):false
Commandline:"C:\Users\user\PCAppStore\PcAppStore.exe" /init default
Imagebase:0x7ff6e0080000
File size:3'116'888 bytes
MD5 hash:4B88D8ADA8D22622C30D581FC38EAA52
Has elevated privileges:true
Has administrator privileges:true
Programmed in:C, C++ or other language
Antivirus matches:
• Detection: 8%, ReversingLabs
Reputation:low
Has exited:false

Target ID:12
Start time:16:26:08
Start date:11/11/2024
Path:C:\Users\user\PCAppStore\Watchdog.exe
Wow64 process (32bit):false
Commandline:"C:\Users\user\PCAppStore\Watchdog.exe" /guid=2ED92742-89DC-DD72-92E8-869FA5A66493 /rid=20241111162608.285630578 /ver=fa.1092c
Imagebase:0x7ff7d1ab0000
File size:276'312 bytes
MD5 hash:11F3801CB9FF046D6075F681971C4EB8
Has elevated privileges:true
Has administrator privileges:true
Programmed in:C, C++ or other language
Antivirus matches:
• Detection: 5%, ReversingLabs
Reputation:low
Has exited:false

Target ID:13
Start time:16:26:08
Start date:11/11/2024
Path:C:\Windows\explorer.exe
Wow64 process (32bit):false
Commandline:C:\Windows\Explorer.EXE
Imagebase:0x7ff674740000
File size:5'141'208 bytes
MD5 hash:662F4F92FDE3557E86D110526BB578D5
Has elevated privileges:false
Has administrator privileges:false
Programmed in:C, C++ or other language
Reputation:high
Has exited:false

Target ID:15
Start time:16:26:13
Start date:11/11/2024
Path:C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe
Wow64 process (32bit):true
Commandline:"C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe"
Imagebase:0x340000
File size:140'800 bytes
MD5 hash:32B8AD6ECA9094891E792631BAEA9717
Has elevated privileges:false
Has administrator privileges:false
Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                    Reputation:high
                                                                                                                                                                                                                                                                                    Has exited:false

                                                                                                                                                                                                                                                                                    Target ID:17
                                                                                                                                                                                                                                                                                    Start time:16:26:13
                                                                                                                                                                                                                                                                                    Start date:11/11/2024
                                                                                                                                                                                                                                                                                    Path:C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe
                                                                                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                    Commandline:"C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe"
                                                                                                                                                                                                                                                                                    Imagebase:0x340000
                                                                                                                                                                                                                                                                                    File size:140'800 bytes
                                                                                                                                                                                                                                                                                    MD5 hash:32B8AD6ECA9094891E792631BAEA9717
                                                                                                                                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                    Reputation:high
                                                                                                                                                                                                                                                                                    Has exited:false

                                                                                                                                                                                                                                                                                    Target ID:18
                                                                                                                                                                                                                                                                                    Start time:16:26:14
                                                                                                                                                                                                                                                                                    Start date:11/11/2024
                                                                                                                                                                                                                                                                                    Path:C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe
                                                                                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                    Commandline:"C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe"
                                                                                                                                                                                                                                                                                    Imagebase:0x340000
                                                                                                                                                                                                                                                                                    File size:140'800 bytes
                                                                                                                                                                                                                                                                                    MD5 hash:32B8AD6ECA9094891E792631BAEA9717
                                                                                                                                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                    Has exited:false

                                                                                                                                                                                                                                                                                    Target ID:19
                                                                                                                                                                                                                                                                                    Start time:16:26:14
                                                                                                                                                                                                                                                                                    Start date:11/11/2024
                                                                                                                                                                                                                                                                                    Path:C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe
                                                                                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                    Commandline:"C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe"
                                                                                                                                                                                                                                                                                    Imagebase:0x340000
                                                                                                                                                                                                                                                                                    File size:140'800 bytes
                                                                                                                                                                                                                                                                                    MD5 hash:32B8AD6ECA9094891E792631BAEA9717
                                                                                                                                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                    Has exited:false

                                                                                                                                                                                                                                                                                    Target ID:20
                                                                                                                                                                                                                                                                                    Start time:16:26:15
                                                                                                                                                                                                                                                                                    Start date:11/11/2024
                                                                                                                                                                                                                                                                                    Path:C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe
                                                                                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                    Commandline:"C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe"
                                                                                                                                                                                                                                                                                    Imagebase:0x340000
                                                                                                                                                                                                                                                                                    File size:140'800 bytes
                                                                                                                                                                                                                                                                                    MD5 hash:32B8AD6ECA9094891E792631BAEA9717
                                                                                                                                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                    Has exited:false

                                                                                                                                                                                                                                                                                    Target ID:21
                                                                                                                                                                                                                                                                                    Start time:16:26:15
                                                                                                                                                                                                                                                                                    Start date:11/11/2024
                                                                                                                                                                                                                                                                                    Path:C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe
                                                                                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                    Commandline:"C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe"
                                                                                                                                                                                                                                                                                    Imagebase:0x340000
                                                                                                                                                                                                                                                                                    File size:140'800 bytes
                                                                                                                                                                                                                                                                                    MD5 hash:32B8AD6ECA9094891E792631BAEA9717
                                                                                                                                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                    Has exited:false

                                                                                                                                                                                                                                                                                    Target ID:22
                                                                                                                                                                                                                                                                                    Start time:16:26:15
                                                                                                                                                                                                                                                                                    Start date:11/11/2024
                                                                                                                                                                                                                                                                                    Path:C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe
                                                                                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                    Commandline:"C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe"
                                                                                                                                                                                                                                                                                    Imagebase:0x340000
                                                                                                                                                                                                                                                                                    File size:140'800 bytes
                                                                                                                                                                                                                                                                                    MD5 hash:32B8AD6ECA9094891E792631BAEA9717
                                                                                                                                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                    Has exited:false

                                                                                                                                                                                                                                                                                    Target ID:23
                                                                                                                                                                                                                                                                                    Start time:16:26:15
                                                                                                                                                                                                                                                                                    Start date:11/11/2024
                                                                                                                                                                                                                                                                                    Path:C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe
                                                                                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                    Commandline:"C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe"
                                                                                                                                                                                                                                                                                    Imagebase:0x340000
                                                                                                                                                                                                                                                                                    File size:140'800 bytes
                                                                                                                                                                                                                                                                                    MD5 hash:32B8AD6ECA9094891E792631BAEA9717
                                                                                                                                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                    Has exited:false

Target ID: 24
Start time: 16:26:15
Start date: 11/11/2024
Path: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe
Wow64 process (32bit): true
Commandline: "C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe"
Imagebase: 0x340000
File size: 140'800 bytes
MD5 hash: 32B8AD6ECA9094891E792631BAEA9717
Has elevated privileges: false
Has administrator privileges: false
Programmed in: C, C++ or other language
Has exited: false

Target ID: 25
Start time: 16:26:16
Start date: 11/11/2024
Path: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe
Wow64 process (32bit): true
Commandline: "C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe"
Imagebase: 0x340000
File size: 140'800 bytes
MD5 hash: 32B8AD6ECA9094891E792631BAEA9717
Has elevated privileges: false
Has administrator privileges: false
Programmed in: C, C++ or other language
Has exited: false

Target ID: 26
Start time: 16:26:16
Start date: 11/11/2024
Path: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe
Wow64 process (32bit): true
Commandline: "C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe"
Imagebase: 0x340000
File size: 140'800 bytes
MD5 hash: 32B8AD6ECA9094891E792631BAEA9717
Has elevated privileges: false
Has administrator privileges: false
Programmed in: C, C++ or other language
Has exited: false

Target ID: 27
Start time: 16:26:16
Start date: 11/11/2024
Path: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe
Wow64 process (32bit): true
Commandline: "C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe"
Imagebase: 0x340000
File size: 140'800 bytes
MD5 hash: 32B8AD6ECA9094891E792631BAEA9717
Has elevated privileges: false
Has administrator privileges: false
Programmed in: C, C++ or other language
Has exited: false

Target ID: 28
Start time: 16:26:16
Start date: 11/11/2024
Path: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe
Wow64 process (32bit): true
Commandline: "C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe"
Imagebase: 0x340000
File size: 140'800 bytes
MD5 hash: 32B8AD6ECA9094891E792631BAEA9717
Has elevated privileges: false
Has administrator privileges: false
Programmed in: C, C++ or other language
Has exited: false

Target ID: 29
Start time: 16:26:17
Start date: 11/11/2024
Path: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe
Wow64 process (32bit): true
Commandline: "C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe"
Imagebase: 0x340000
File size: 140'800 bytes
MD5 hash: 32B8AD6ECA9094891E792631BAEA9717
Has elevated privileges: false
Has administrator privileges: false
Programmed in: C, C++ or other language
Has exited: false

Target ID: 30
Start time: 16:26:17
Start date: 11/11/2024
Path: C:\Users\user\PCAppStore\PcAppStore.exe
Wow64 process (32bit): false
Commandline: "C:\Users\user\PCAppStore\PCAppStore.exe" /init default
Imagebase: 0x7ff6e0080000
File size: 3'116'888 bytes
MD5 hash: 4B88D8ADA8D22622C30D581FC38EAA52
Has elevated privileges: false
Has administrator privileges: false
Programmed in: C, C++ or other language
Has exited: true

Target ID: 31
Start time: 16:26:17
Start date: 11/11/2024
Path: C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe
Wow64 process (32bit): true
Commandline: "C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe"
Imagebase: 0x340000
File size: 140'800 bytes
MD5 hash: 32B8AD6ECA9094891E792631BAEA9717
Has elevated privileges: false
Has administrator privileges: false
Programmed in: C, C++ or other language
Has exited: false

                                                                                                                                                                                                                                                                                    Target ID:32
                                                                                                                                                                                                                                                                                    Start time:16:26:18
                                                                                                                                                                                                                                                                                    Start date:11/11/2024
                                                                                                                                                                                                                                                                                    Path:C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe
                                                                                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                    Commandline:"C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe"
                                                                                                                                                                                                                                                                                    Imagebase:0x340000
                                                                                                                                                                                                                                                                                    File size:140'800 bytes
                                                                                                                                                                                                                                                                                    MD5 hash:32B8AD6ECA9094891E792631BAEA9717
                                                                                                                                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                    Has exited:false

                                                                                                                                                                                                                                                                                    Target ID:33
                                                                                                                                                                                                                                                                                    Start time:16:26:18
                                                                                                                                                                                                                                                                                    Start date:11/11/2024
                                                                                                                                                                                                                                                                                    Path:C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe
                                                                                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                    Commandline:"C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe"
                                                                                                                                                                                                                                                                                    Imagebase:0x340000
                                                                                                                                                                                                                                                                                    File size:140'800 bytes
                                                                                                                                                                                                                                                                                    MD5 hash:32B8AD6ECA9094891E792631BAEA9717
                                                                                                                                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                    Has exited:false

                                                                                                                                                                                                                                                                                    Target ID:34
                                                                                                                                                                                                                                                                                    Start time:16:26:18
                                                                                                                                                                                                                                                                                    Start date:11/11/2024
                                                                                                                                                                                                                                                                                    Path:C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe
                                                                                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                    Commandline:"C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe"
                                                                                                                                                                                                                                                                                    Imagebase:0x340000
                                                                                                                                                                                                                                                                                    File size:140'800 bytes
                                                                                                                                                                                                                                                                                    MD5 hash:32B8AD6ECA9094891E792631BAEA9717
                                                                                                                                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                    Has exited:false

                                                                                                                                                                                                                                                                                    Target ID:35
                                                                                                                                                                                                                                                                                    Start time:16:26:19
                                                                                                                                                                                                                                                                                    Start date:11/11/2024
                                                                                                                                                                                                                                                                                    Path:C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe
                                                                                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                    Commandline:"C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe"
                                                                                                                                                                                                                                                                                    Imagebase:0x340000
                                                                                                                                                                                                                                                                                    File size:140'800 bytes
                                                                                                                                                                                                                                                                                    MD5 hash:32B8AD6ECA9094891E792631BAEA9717
                                                                                                                                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                    Has exited:false

                                                                                                                                                                                                                                                                                    Target ID:36
                                                                                                                                                                                                                                                                                    Start time:16:26:19
                                                                                                                                                                                                                                                                                    Start date:11/11/2024
                                                                                                                                                                                                                                                                                    Path:C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe
                                                                                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                    Commandline:"C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe"
                                                                                                                                                                                                                                                                                    Imagebase:0x340000
                                                                                                                                                                                                                                                                                    File size:140'800 bytes
                                                                                                                                                                                                                                                                                    MD5 hash:32B8AD6ECA9094891E792631BAEA9717
                                                                                                                                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                    Has exited:false

                                                                                                                                                                                                                                                                                    Target ID:37
                                                                                                                                                                                                                                                                                    Start time:16:26:19
                                                                                                                                                                                                                                                                                    Start date:11/11/2024
                                                                                                                                                                                                                                                                                    Path:C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe
                                                                                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                    Commandline:"C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe"
                                                                                                                                                                                                                                                                                    Imagebase:0x340000
                                                                                                                                                                                                                                                                                    File size:140'800 bytes
                                                                                                                                                                                                                                                                                    MD5 hash:32B8AD6ECA9094891E792631BAEA9717
                                                                                                                                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                    Has exited:false

                                                                                                                                                                                                                                                                                    Target ID:38
                                                                                                                                                                                                                                                                                    Start time:16:26:19
                                                                                                                                                                                                                                                                                    Start date:11/11/2024
                                                                                                                                                                                                                                                                                    Path:C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe
                                                                                                                                                                                                                                                                                    Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                    Commandline:"C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe"
                                                                                                                                                                                                                                                                                    Imagebase:0x340000
                                                                                                                                                                                                                                                                                    File size:140'800 bytes
                                                                                                                                                                                                                                                                                    MD5 hash:32B8AD6ECA9094891E792631BAEA9717
                                                                                                                                                                                                                                                                                    Has elevated privileges:false
                                                                                                                                                                                                                                                                                    Has administrator privileges:false
                                                                                                                                                                                                                                                                                    Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                    Has exited:false

                                                                                                                                                                                                                                                                                    Target ID:39
                                                                                                                                                                                                                                                                                    Start time:16:26:19
                                                                                                                                                                                                                                                                                    Start date:11/11/2024
Path:C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe
Wow64 process (32bit):true
Commandline:"C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe"
Imagebase:0x340000
File size:140'800 bytes
MD5 hash:32B8AD6ECA9094891E792631BAEA9717
Has elevated privileges:false
Has administrator privileges:false
Programmed in:C, C++ or other language
Has exited:false

Target ID:40
Start time:16:26:20
Start date:11/11/2024
Path:C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe
Wow64 process (32bit):true
Commandline:"C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe"
Imagebase:0x340000
File size:140'800 bytes
MD5 hash:32B8AD6ECA9094891E792631BAEA9717
Has elevated privileges:false
Has administrator privileges:false
Programmed in:C, C++ or other language
Has exited:false

Target ID:41
Start time:16:26:20
Start date:11/11/2024
Path:C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe
Wow64 process (32bit):true
Commandline:"C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe"
Imagebase:0x340000
File size:140'800 bytes
MD5 hash:32B8AD6ECA9094891E792631BAEA9717
Has elevated privileges:false
Has administrator privileges:false
Programmed in:C, C++ or other language
Has exited:false

Target ID:42
Start time:16:26:20
Start date:11/11/2024
Path:C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe
Wow64 process (32bit):true
Commandline:"C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe"
Imagebase:0x340000
File size:140'800 bytes
MD5 hash:32B8AD6ECA9094891E792631BAEA9717
Has elevated privileges:false
Has administrator privileges:false
Programmed in:C, C++ or other language
Has exited:false

Target ID:43
Start time:16:26:20
Start date:11/11/2024
Path:C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe
Wow64 process (32bit):true
Commandline:"C:\Program Files (x86)\VnuTZAAKDiIRzovfJOdTLcBQVZosdqqRnxgWwAPStUZXjPjwbAQBddTnDjTS\GkiQFNeggQCCdOqsaJMVyEE.exe"
Imagebase:0x340000
File size:140'800 bytes
MD5 hash:32B8AD6ECA9094891E792631BAEA9717
Has elevated privileges:false
Has administrator privileges:false
Programmed in:C, C++ or other language
Has exited:false

No disassembly